{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6aff35e3-9574-552c-b5a3-279f81e2bbad", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec-xml", "version": "4.1.82.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:16251df2-e6e6-5ca5-99b7-54935f5784ba", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52d25e90-3c62-55ea-885d-9b9805e17eab", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d2d9a3a-d328-5217-91a4-b2bdee7e6474", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2b9cace-9972-5bb0-ac39-925950c76934", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05802a9d-baf8-5fa8-b600-090d989c8907", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-xml 4.1.82.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7347547c-88e1-5bec-b19f-f76753e6bcee", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d4c16de-1b33-546c-a116-ed3ee73a242d", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19da13e9-ee8f-5b50-855e-dee6c83a8e1b", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66313a29-06d9-5e99-9b56-1276e67f7b8e", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05fdb521-f542-5554-a5e8-9df9c70515ba", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:308897f8-f3e1-5f13-8378-802955636ee5", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7535577f-ad75-5604-814b-5399d72db173", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5c96abb-45c3-5b47-9ff5-2afdaa483a0b", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ebad019-ea66-53b5-8397-53bd5b41c14b", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dceafac0-ad47-5daa-a954-d73cd0608523", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e903a6b-cd4f-5471-80d7-19708111bce0", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19917958-62c1-5f6c-adbb-8aaf83c1b25e", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec0cbfaa-bdf7-533a-9915-309add57dc6c", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0929dd3-15e9-5693-8ee9-b38b2bbe2038", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36d3fde3-6c66-573a-8a7e-44a2d4a6d1cd", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7280b58-3ad1-53d2-87e8-f0bbfcf2440b", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ebe1bd1-7956-572b-8f30-9165f240a74c", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ac376aa-e320-5c32-8cfe-86c9315c2b56", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15db5fe4-9b60-5f7e-97be-e2d2fbd8a8ad", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e842dda-5e2a-587e-adfe-0c748d75fd9d", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d50be271-4564-5813-bfec-58e9a8060476", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b0c01cd-cb4e-5865-8c50-ce57bbf91d11", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c649e0c-727b-5278-9e1b-34521dec0416", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.82.Final-tuxcare.2" } ] }