{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5dd18612-44bc-58fd-9bd9-1d0afad14051", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1", "type": "library", "group": "io.projectreactor.netty", "name": "reactor-netty-http", "version": "1.0.32-tuxcare.1", "purl": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2fad080d-adcb-55e0-8e99-1ba6124aec79", "id": "CVE-2021-22929", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-22929 is a false positive for io.projectreactor.netty:reactor-netty-http 1.0.32-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f8a6e74-cdd0-516c-b011-8769f14a4ca9", "id": "CVE-2022-30334", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-30334 is a false positive for io.projectreactor.netty:reactor-netty-http 1.0.32-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f48c43a0-5d28-5d56-a13c-752b4f3c5903", "id": "CVE-2022-47932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-47932 is a false positive for io.projectreactor.netty:reactor-netty-http 1.0.32-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e95999de-94a0-57fd-90e7-21f815a9bcfb", "id": "CVE-2022-47933", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-47933 is a false positive for io.projectreactor.netty:reactor-netty-http 1.0.32-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbc438eb-52f6-5b42-a515-37a77e42d2fa", "id": "CVE-2022-47934", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-47934 is a false positive for io.projectreactor.netty:reactor-netty-http 1.0.32-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdc548a5-d34b-5a38-8053-153e6355061a", "id": "CVE-2023-28360", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-28360 is a false positive for io.projectreactor.netty:reactor-netty-http 1.0.32-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f9c8cab-41cc-5028-8915-db334584501a", "id": "CVE-2023-34054", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34054 is fixed in version 1.0.32-tuxcare.1 of io.projectreactor.netty:reactor-netty-http." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2093185-fc41-5bbd-81da-d964c1c02ca0", "id": "CVE-2023-34062", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34062 is fixed in version 1.0.32-tuxcare.1 of io.projectreactor.netty:reactor-netty-http." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:164231a3-7c4d-58ce-9d7c-46dbd2410e8d", "id": "CVE-2025-22227", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22227 affects version 1.0.32-tuxcare.1 of io.projectreactor.netty:reactor-netty-http." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.0.32-tuxcare.1" } ] }