{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cf8fcd7c-6ea9-5b93-8399-b42c4ba879d9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-handler-proxy", "version": "4.1.48.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b9ff7b71-707a-5e9a-90bf-33b3a6b9b6bc", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa75d1f2-8b1c-587e-ae71-feb9ef45224e", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4583c60-2195-5c40-a8af-17937490fa8b", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df17b458-63bd-5eea-bfda-78d4a3152e4f", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b7df0cd-8d63-5fd7-9d8e-cf444acaf070", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2872ac9c-f315-556f-88c0-b86ac7d7bdf1", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:954d8324-90f3-5b6a-b7c5-389637ab5f1b", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78bbd379-ab34-55b3-94f5-a9d1ae387fb8", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0693b351-1b7c-5bc9-a247-532165dc9308", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75a9f87e-73ad-5027-8bc9-dd99acf8373d", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19b56d64-8b46-5ea8-a4b7-885c5e871fc3", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:234fc59e-2e68-5acd-8221-d46faa5e5c96", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-handler-proxy 4.1.48.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28b89c43-1047-5796-862b-514c50ed5c50", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f9054d0-80d2-54ce-88e4-9eaaafa8cd55", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8cadb3f-4cc7-5e43-8c9d-8e6389b0004e", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fcfc2d96-93cd-59f8-b53c-b19466a8d66c", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6058ca3-f20a-5ea4-8c51-57d30f00f21d", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9107cda3-3c50-5a8d-bf01-8b1ff21f82ad", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac953329-5085-568a-91d9-60c5ec1fab78", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b84c4b7-c5d3-5dd3-ae71-58a21f0fce77", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c83db592-fb6d-51e9-b498-f90f5528cb06", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5a8f523-3070-5d58-b69c-dd9eb2b15417", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43b86bf9-4ead-5df1-8581-a2391abb06c9", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ab048ea-9223-5400-baf4-20e2dd01c009", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.48.Final-tuxcare.1" } ] }