{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d162f53b-f6dd-5536-b016-5f6b78fab9e9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-transport", "version": "4.1.60.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:98e9cff8-e24f-5bf5-b28c-027637c6bc05", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1749b80f-e000-52e5-ae0c-949484a2070e", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea77c3c2-a31f-596a-a3fd-fc320571ab19", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22faa96a-f295-5f19-953d-fb026c246c1f", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60675963-4837-54f8-b862-3107c1ea675f", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee7cfd2f-1150-5057-85e4-7dfa262bb602", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:459d41a8-bf0c-5df2-a288-ef948d5e6267", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99fafb8b-a3b6-5c49-8a9e-9d2085d94510", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:700a6f10-34ee-5648-870b-9951a534ba81", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-transport 4.1.60.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c53383a-7691-59c0-8dba-cd690e9d1f26", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da1bb89c-79b9-5b66-8bc9-e5e8e25c5798", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ac2be81-81b6-5cf3-a0c3-360595be3808", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f35813d-0d9c-509c-8f16-41fa5c27eafa", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:311780f7-88a2-5bb7-ba26-e794d498f0c1", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a2b3509-eb55-5108-98c1-6e6a88d9cb75", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92c7b2d1-46ad-5c1b-a26b-3c34f635e3dd", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:963a652f-ddd6-5b35-8edd-301414bc2356", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:549301db-bdb8-5421-871b-6ad2e5d44a92", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7e5bbb6-9d7f-5436-9941-91f98813c0bd", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e28888d-5fde-578a-b3a2-9a76d15c1849", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcf1e8e4-df52-5364-8d56-b0a2868df469", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.60.Final-tuxcare.1 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.60.Final-tuxcare.1" } ] }