{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0313594f-f084-5a52-9126-5f597ff3288e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-transport", "version": "4.1.49.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bd8a28f0-5bb8-51c2-aef3-5294f4fbe5a3", "id": "CVE-2021-21290", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21290 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18f90a7e-48b6-5d6d-a463-fb075c920d45", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:567bf22c-8930-55b7-a98d-53dce87de74f", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2ac0289-a820-5797-98b3-9563aba4a21f", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf385e98-a1a6-55c2-a712-799b8c1b887a", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:716c27e2-2660-52e1-b2ba-265df83c855b", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9bf66ba5-f574-5c15-b57a-6da265b6d48c", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13a53e63-a18f-5704-a1ab-a27f8969b531", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93bab659-e6a1-52ae-ad5a-87e4d0a2385e", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95d7afd2-5da1-52af-b835-d3f5cc32a13a", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:795dc0f4-fbec-53e5-a92b-e3455166b1ae", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91f8ddb4-928c-5bd4-8917-148b3a41c66f", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-transport 4.1.49.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f67a705-05af-5890-8dcf-38a51ffe235d", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03d8a677-5482-5e1f-b1db-ae1cb1427f7b", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e018eff3-19aa-5f6d-b39d-289574a30c18", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f6eea39-5bfc-50f9-8d49-d2e17bdba3b6", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5957b23-6de4-5e3f-b2fe-30c73197c8e1", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8770bad1-ea7f-5074-a5e1-9d308a94ab65", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c15b6f6-b0fd-5128-9b8b-df357cff983c", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a29dc132-12b8-56a4-b6d0-804e26bbf066", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83fc0496-859d-50d4-96a1-4222ccec125f", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:329d809e-71a4-5d1b-8e9e-b7c14b5106c2", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e5d1042-4e7e-510b-8312-61c05c0dad6f", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:329f5061-0063-5ee6-b3fd-66c225b63e95", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.49.Final-tuxcare.1" } ] }