{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:10a16063-c49b-56b5-97b4-3602e738bdef", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-resolver", "version": "4.1.58.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9128fd7f-7100-5afb-b694-fce728e60caf", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cedfacc-1f8f-5240-b3a2-5516b0541459", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3277459-c778-53b3-9a29-a4c09ae2c5cd", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f61ee009-235e-5f29-8ce6-a3dcaff87e2d", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a24a1146-1d33-59dd-af62-b57d4255d296", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8e47944-0d04-53a3-b603-dd2fc9f32c40", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bdf0402-ecae-51d2-8098-92ca2c178fae", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1605f32c-3c20-56e2-b4cb-e3cb0629e5ec", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a09c38da-1f21-50ee-87b3-72fb7d49c578", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24b98aec-3031-581c-a942-d0cad7cba5e4", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a37bf544-93d4-582f-aaff-ae98e692525d", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-resolver 4.1.58.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4439c708-67c5-5ff6-a5d8-6e509d887518", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a810c23-d90c-57eb-90ac-38d6ec03cb25", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd018093-f6d2-5936-ad06-1cfb2eeb198c", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a151c3fb-eb93-51dc-9161-33ff74d09bd6", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0096825-ad9b-5bd1-85c6-e4a5e4f5558c", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0dbd5a01-a337-5680-b208-04adbccf5bf1", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90f65c7e-a8f4-5040-88cb-46204ec04d66", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db3c04a0-a80c-593c-aac7-ebbdb3bfe54f", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ed841e0-95ee-593d-ba08-e344b6db58c9", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e9e6374-4c9c-5c73-8e82-7a738f20f628", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4421b1d0-08dd-58b0-a113-5e1f7e33c814", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5e0bcc1-e04d-5082-b48d-6afd043e3a43", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-resolver." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-resolver@4.1.58.Final-tuxcare.1" } ] }