{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e168c0e9-6371-5812-a3bf-7ac60f76b59b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-resolver", "version": "4.1.48.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4c9a6429-bf4b-579e-9562-a8da815f887a", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdaabd6a-50ad-5dd2-854a-97da672880c2", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f933406a-d7da-5587-9e9c-17af299151ba", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9568055b-de92-53d7-a74f-03882d6c396f", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:770df721-6a33-51c1-afd4-d8a0e6984480", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbd9d382-cea7-5c36-ba82-9438bebbfd12", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c136a07c-edeb-5f48-b044-c3ba8bab7a7d", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8daee28c-c8fe-5171-ba86-31d7d50f0863", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fb63af7-3c0e-59e1-9bee-45e566b02a85", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b4abfa7-6296-5bdd-9cfa-fed52c773200", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6ac7ace-295b-5e24-a2d6-04fc0aa32144", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbc291a5-9c5d-5bb2-9efa-2fe34b250a93", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-resolver 4.1.48.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86e79035-b573-5f87-9def-c1be1d8b7bd5", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0a5eb8d-4146-5839-8d47-44a2881b700a", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af0ecad8-278d-56f8-96f6-959159cba6f1", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff3ec759-dfee-51c2-b516-99f13df31ee8", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31f10dc9-b080-577d-97c5-a32dc928f739", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2f7f0c9-0b84-5cfb-ac9a-678d857d1d25", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:182bcd5d-43cb-54ee-bb08-b5f074cb3ade", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c807285-d975-5247-85c0-bdea68fe1960", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7ea444b-a4ee-5c04-8898-000481893ed8", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:994fb866-8514-57bd-b862-0900e9b47a19", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a74b167b-558b-588c-aacf-ff8ccea819a9", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98a91111-9423-5324-9441-3cbd836d0a25", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.48.Final-tuxcare.1" } ] }