{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:26770b3b-5cac-564c-80dc-e556adbac61d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-testsuite-http2", "version": "4.1.49.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8b51377d-b9f7-5832-9712-17cf1d73529d", "id": "CVE-2021-21290", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21290 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b255eb16-5d67-57e9-8876-86de2d3c79e4", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90338d93-7ebb-5fdf-9feb-9273fe4ca99f", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:feb81762-3902-597e-bb36-765194db54e6", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b981384c-c452-5344-8d62-66dbe5d8d786", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b725c3da-b8cb-5f47-a3ad-991079b0dfe5", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5e03db1-8207-570d-914f-447079eaf64c", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:118c57ce-99e0-5b95-860e-f9ff04218caf", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10f61f65-c27e-5575-a0ce-d4b21d9d6369", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:feeed4f2-a920-53ad-bdcd-075e8ff00109", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b14c681-071c-50d3-931c-86ff00f7a23f", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6cddd319-a37b-51ce-b371-f65cb0b6cfc3", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-testsuite-http2 4.1.49.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6e8fa93-e7f5-5fb4-b331-d68fc8e18261", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3464a145-3899-5a4e-a88c-26542efc3232", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecfa3280-b9bf-52fd-88ca-f044547ac3e1", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cead7d8-9871-5245-bd86-a2e54bcfae5d", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fff684c9-5c5c-547f-a687-c7b0d7377376", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eac45862-4f88-5daa-9842-c0566c80ba09", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6646ea6d-61ce-54ad-b69e-f35d1045dba1", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96bc2632-83db-5eed-bb64-f9737ee525d5", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:784893a5-984e-5f20-a90a-310cc9611a8f", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c80de803-b182-578b-a82c-f127702b1895", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:120af812-aa43-574d-8959-833a126cfca4", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1b8a46c-e81e-5a7d-a7c1-ccd2619ae210", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-testsuite-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-testsuite-http2@4.1.49.Final-tuxcare.1" } ] }