{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cc4703ff-37b8-557b-a656-bf71a106dec9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-transport-sctp", "version": "4.1.63.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2711f336-915f-51ff-97f9-50600d72098c", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2e648ae-2bd9-5dbf-8f37-5f78fd67cf08", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6118c682-f0d0-5f9b-9a29-357a0ce50ed0", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05d31909-167c-57ac-a8ca-382a8f8c898d", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2e52d58-33fc-58a5-b717-041c6ba3ae29", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee1b813e-3879-51dd-bf8b-a27d9e7e9b2c", "id": "CVE-2022-41915", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41915 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6dd8313-8213-59d7-bd6a-41748cd986d2", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8400c7e9-fc03-5c64-b4e5-daa27b0b56aa", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e20edeae-ff88-5f2b-82e6-22b47a849c2d", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-transport-sctp 4.1.63.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9cfcc334-309f-548b-9789-1e5eb06f371b", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e58d9fc0-c0c9-58f4-b237-92827c94a703", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:146e79a7-aa4a-5658-9b4d-e4199663d15a", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf892278-013a-522b-973d-4a5f27aecf65", "id": "CVE-2025-25193", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-25193 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0930400f-a34a-52c0-9857-6dd064ae4d94", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4501df1b-f42a-52bb-b480-c2242a710cc0", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce7c32f2-5722-5af5-8123-e634636aaf8f", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a06825ea-09cf-5769-8eca-a798e362526b", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:223439e3-56e0-53b7-9ea0-565ad0c30328", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a515a1b3-288d-52aa-9466-2a11b9d3c49a", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bda71de0-90ac-568e-8e08-e07cede446f6", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b4eeb29-9af1-5332-b96e-5829d95adf02", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.63.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.63.Final-tuxcare.2" } ] }