{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:df0e02f7-d558-5193-9348-92d4bfecabe7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1", "type": "library", "group": "io.projectreactor.netty", "name": "reactor-netty-http", "version": "1.1.15-tuxcare.1", "purl": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:228a3127-9b14-521a-93b9-386bcb399881", "id": "CVE-2020-8276", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8276 is a false positive for io.projectreactor.netty:reactor-netty-http 1.1.15-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef9c6be4-29a7-55e4-9e47-f7aac331a0b5", "id": "CVE-2021-22929", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-22929 is a false positive for io.projectreactor.netty:reactor-netty-http 1.1.15-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ca6d56b-03c0-5cfd-994a-39cf28457d88", "id": "CVE-2022-30334", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-30334 is a false positive for io.projectreactor.netty:reactor-netty-http 1.1.15-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9be51f90-18d8-513c-b460-d2fcc66c5153", "id": "CVE-2022-47932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-47932 is a false positive for io.projectreactor.netty:reactor-netty-http 1.1.15-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68469163-c455-5b57-97d2-a22848a246c9", "id": "CVE-2022-47933", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-47933 is a false positive for io.projectreactor.netty:reactor-netty-http 1.1.15-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6f73d19-24fa-58d3-b460-8a4b9814e7e5", "id": "CVE-2022-47934", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-47934 is a false positive for io.projectreactor.netty:reactor-netty-http 1.1.15-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:734a4b41-efeb-5589-baa9-a6a7aa8aa31a", "id": "CVE-2023-28360", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-28360 is a false positive for io.projectreactor.netty:reactor-netty-http 1.1.15-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a4e37fe-96b6-5a69-a94b-64e915593fc4", "id": "CVE-2025-22227", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22227 is fixed in version 1.1.15-tuxcare.1 of io.projectreactor.netty:reactor-netty-http." }, "affects": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.projectreactor.netty/reactor-netty-http@1.1.15-tuxcare.1" } ] }