{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:35f4f07f-60cf-5cd7-89da-7f07503afec8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-dev-tools", "version": "4.1.49.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9c6dea15-407b-5ab0-af61-8aa470da3439", "id": "CVE-2021-21290", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21290 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d37bafe4-d085-5d6b-a91e-048cce21ee74", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a1957a5-d271-5e8d-8842-c53a0adc6baa", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42e99ec3-ecb6-51ae-aa67-231a45a3a3c7", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5117acab-f4fc-56c9-a478-7c320bb3d26a", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9bd7030-7306-5e17-99e4-c8a214849928", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c04c954-e38d-5278-86a1-a7b1715bf520", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c28f31c-b940-5039-8dc8-7822965be539", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b6cff27-8c17-5f38-9262-378ea59cf18a", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c292ac8-a25b-5086-9452-393a9fe45d2a", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e6952f3-ff79-5991-84d1-2a5e88e9aa73", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2840b0e1-2931-5d9b-84a4-e93857c4c54c", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-dev-tools 4.1.49.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c32d2f9d-a83f-5607-a7e7-e972356872ff", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80541ad3-c4dd-5992-8cc3-e12e9578ac23", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e45500f-f67a-5d78-931e-f32f4d6e927a", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a899450-e282-5617-9f3c-093e54a4c203", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f63200c-fbf6-59ef-9c44-39b90c548c3f", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2266723-7078-5189-a36d-7c11b914752f", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3083f8ea-1c9e-54a8-916d-f404b9d408cc", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c15f1b24-109e-5213-82a0-6dc386cdefde", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a851ff2-a4be-5cb3-bc3b-68bfcd6b8694", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cb469e3-2ad2-55fa-a93c-17e878f9fb75", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58d4ea90-256a-5b48-8868-a84200c659db", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cd47ccd-c86c-588a-8fcd-c3b0590307f7", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.49.Final-tuxcare.1" } ] }