{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e4851d49-a168-51c4-a426-d4d265b21f98", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-transport", "version": "4.1.48.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d1875478-4969-53b8-94fd-3cc562cf3fdc", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d2a6264-5654-5741-a9e8-a51bac527c82", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9264fd9-8f9d-57f8-a490-0e85bec3e246", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2fb5e0f-1ea5-5dfd-8b33-9dafeb2d99f6", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d978d60-293a-5465-9d08-9e3566ddebc6", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1be3615-b575-5f42-a7d6-c3553712e3c0", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c817b80-a702-5340-b5d0-7bb7353854f8", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab1f515b-f419-550a-8aae-001b25a91ac9", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e719637-2f44-5f4c-862d-5704119afa5f", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b72bcec9-921a-5542-b474-fb014a99d9d3", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e3a0a21-f84f-5dea-9fc7-2e93f12dcd2c", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83fbabd6-4576-51e9-820c-f014df288c86", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-transport 4.1.48.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:633f5fa1-f27e-5867-988c-480beb92d9ac", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:658ed3c8-f8f1-5287-865a-e77ef63ab24f", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:135d2397-b1f5-5179-a65b-e154b7233f58", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d85020de-08a9-5448-ace3-c2736864a631", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a96f8ba4-971f-525d-8635-1018b47f5e42", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:420ca250-5ac5-53dc-9675-3beb24aa64ab", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8816dea4-ddea-57ea-93b6-5167c69773ff", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:221a2490-0761-5137-bbbc-3a3e31507ef1", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d87c899a-4433-5d2b-ac49-822701b27349", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aba6c0f4-fe29-5b17-b050-f64d285bdd9f", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae39fc9e-f772-53ba-a6f0-09e2eeb7f810", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f3ab5ac-d37c-59b9-ba5d-ad81de60fdea", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.48.Final-tuxcare.1" } ] }