{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:445bf31b-fbcc-5849-a43b-fd8b5683a4b0",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1",
      "type": "library",
      "group": "io.netty",
      "name": "netty-handler",
      "version": "4.1.73.Final-tuxcare.1",
      "purl": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:4b93cc71-515d-5330-aef3-33d144a16b1d",
      "id": "CVE-2022-24823",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:816aa593-2cdc-548f-9786-e2d6dd6671ed",
      "id": "CVE-2022-41881",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:57260886-b4d2-53fa-8d2d-5a3766b27e70",
      "id": "CVE-2022-41915",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-41915 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dbce826f-5c06-59eb-be74-f9bf7cd0c107",
      "id": "CVE-2023-34462",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-34462 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fd0ec3b5-076a-56c9-8e47-f30e670e5556",
      "id": "CVE-2023-44487",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1c22ed9d-3830-5c23-8081-995a2ee963dc",
      "id": "CVE-2023-4586",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-handler 4.1.73.Final-tuxcare.1."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2536d1c6-6484-5442-82be-127adb44d67b",
      "id": "CVE-2024-29025",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-29025 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9f04b04e-4a54-5735-9cb1-5c1f26fe1fc8",
      "id": "CVE-2024-47535",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:23fe040f-9cea-557d-bbee-fedd4210cd6f",
      "id": "CVE-2025-24970",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:11f061a7-8337-5eca-ae5b-32fe5219bb30",
      "id": "CVE-2025-25193",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-25193 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e999b1a4-df98-5d46-b0c8-bbf8940c3e11",
      "id": "CVE-2025-55163",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-55163 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d27dc153-6477-5857-8f25-76ad288f196d",
      "id": "CVE-2025-58056",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-58056 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5b97152e-8420-5503-8fbc-9db7b9f15e64",
      "id": "CVE-2025-58057",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-58057 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3724d927-006d-549c-843a-51d9aee1cfaf",
      "id": "CVE-2025-59419",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3b92b05d-7feb-543f-8e77-fddac0db9c66",
      "id": "CVE-2025-67735",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-67735 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dc4a345f-9fe7-5bab-938d-de49e69ad666",
      "id": "CVE-2026-33870",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-33870 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8750c417-5000-5845-8b8b-171983fdb18d",
      "id": "CVE-2026-33871",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-33871 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ed35c8b5-3e21-58a8-956b-a33effb848dc",
      "id": "GHSA-xpw8-rcwv-8f8p",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1"
    }
  ]
}