{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cfc7ea2e-5dc2-5c29-b7ec-601cb23b0746", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-dev-tools", "version": "4.1.58.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bcdef2e5-7cbd-505e-8944-144275dfc880", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0adee052-9e85-5b9b-a6b5-2fed8a3ddcb4", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe092535-1b3f-50c5-96e8-1a15c5484881", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1d4b754-1fc3-5a84-bf5f-fa20713b3d72", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5d4d201-53ea-595b-b777-1aeaaf90ffd4", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c5d907e-9596-51c7-98c2-88c285ad8657", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa652340-7ba0-5bf4-bdf0-c48b10ba1ad8", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e78cc7fa-f187-5f0d-8ee1-1248aef98622", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d26f38a3-77a9-5e6b-9b06-bfc5c131c57b", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e533612a-2ee4-5c3b-86ef-3de2aba3d7e2", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd8fd940-c1ad-52db-b1d7-78f23e70b295", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-dev-tools 4.1.58.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e548d8c-e3cb-54b4-b681-d51edabf0ed8", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5afdb129-0562-5aa7-81e3-bdd54e7016a3", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:869df867-9fb5-5b77-acf2-b1a309a0f080", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e369456-ae81-50ed-a825-736479031fb9", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a851782-d970-545d-8b24-4858cc2ae67a", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:296afb02-7b0e-5668-a771-d837fa97c96c", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d0acd97-63d6-53de-a4fa-e1bda4403ccc", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8b13d3b-dd4e-56be-a3c0-84a82ebf3e1a", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54594f52-c141-5a3c-ba41-8532989ef7ba", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:021cf61f-09ab-5501-b1a7-571a6528b563", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5f4e724-83b9-59c3-9f13-6c7627b940a8", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ea1566e-0cb9-5821-b5b1-2fecae2e002a", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }