{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0c275406-3178-501a-b27c-c6762ca06272", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-handler-proxy", "version": "4.1.92.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cdc656bf-f8f1-55b7-b099-3b3017f663a5", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0dd68359-b48e-53ff-b485-73c2eff5efd2", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92ba8e8a-9e56-5a55-9f8d-438d5c9bddd8", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-handler-proxy 4.1.92.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2bc27fa-60f1-5f41-bd19-6ac176bf42b7", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f46198c7-27f8-571b-beec-1a7cfa7d9a30", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2928b720-fdea-5b6c-af5f-882c2f6faca6", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49f5ed49-97a0-5329-a72b-52868b390a89", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3836059f-f389-5255-8182-bffe854eeade", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3082373c-f751-56f5-8f59-5e512d594509", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d978ed17-36cc-58ea-ae28-cd34d93fb43d", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b7285c9-0a31-5772-887f-b8585f37552c", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:497054ef-bfab-5c9e-afeb-3cb1440f1b3a", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:909404ff-adde-52d4-abc2-fffc4a524f92", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:569b6701-3eba-5b06-bd17-ba851a144b10", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98c37866-ca76-597e-bc34-ca7942618d64", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.92.Final-tuxcare.1 of io.netty:netty-handler-proxy." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-handler-proxy@4.1.92.Final-tuxcare.1" } ] }