{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:af26a2ec-c7e7-5bcc-aa71-3896080ef95b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-dev-tools", "version": "4.1.63.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ca110fb4-d87b-5f4c-9093-3e2929ae1819", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:952254da-0b42-55aa-a34d-27d7af2c413e", "id": "CVE-2021-37137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37137 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:481984ac-5954-50f7-8a48-bc048a22c03f", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6757e4d7-f411-5a43-8053-f25eb8b909b6", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e627699d-0c3f-52e5-8ee1-ff7873fb15bf", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99e8dd91-3ae4-5918-925b-6d767dd4e016", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:def425c2-cbff-5f97-8936-a502c00e6fb5", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78a8c388-112f-5016-8754-d367720140de", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7dd6878d-cf96-5409-98f2-c2c886631e1b", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-dev-tools 4.1.63.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcb04bda-bce0-5352-a660-6c938dcc7080", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d7a42e8-8b8e-585f-a449-184a76a73814", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e642c001-2915-5d7e-932b-8c1b0386434a", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1d39e03-807f-5ca9-ab1b-4a900881a33c", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5b3d57a-8b34-5eba-ad41-7f28b15e4abf", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dd26ddd-8dde-57b5-8846-ce9d321e0494", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd2d5080-0115-53ac-96f7-d4f14880fd43", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6439c0b-149b-5c55-ba08-6edd985d36a4", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0e76400-0897-576c-a8c9-a0322221f7f4", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be7709d1-653d-5974-b545-790afad8a3be", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:073ac9f6-3c51-5970-bddd-7edbc046568b", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ced8d1b-ceb7-5cbd-a028-151d2ec4661b", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }