{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:46b0dc42-980e-573a-8ad1-6891537cb49b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.49.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:96ba0299-48c8-597e-8486-e4808b42a1d3", "id": "CVE-2021-21290", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21290 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de2dc4bb-b988-500c-90d7-313ca88a0493", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c2d1383-3ac9-51ee-a541-58e777060711", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93d064ce-93be-5281-a522-c02b0670f883", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b01407bb-4848-5b7d-bf2c-7c0cb3d06d36", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbbd5bbf-f418-5b31-9414-6c9a71f74a9a", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b63f8895-3326-5163-9f91-7b5530ced8d7", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ede839e4-7cce-5280-bb42-071dcd54d4d3", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25693a2c-9764-5393-a44e-b2adbd9660d2", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bca9aaa7-4619-5345-83e0-f429b12ff1c3", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d05d603f-a7d9-552a-8ac6-9e2a54eb4e86", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd9b1248-f786-577d-9164-3daec14cc901", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.49.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18105514-6fbc-51a6-b859-fd901dd7ac0d", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f43f7e39-2c9f-56e7-9a1b-2ca9b52fb43d", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fd600e6-0eab-57f1-b0f5-e831bad55ddb", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14f5f5e3-bbaf-5e99-a926-e1d743e2d808", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1373832-9d17-53bf-8650-5c836e67b568", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8791a548-afc1-58d9-a6d8-3c4f9c95531f", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7f8d29a-336c-54ee-86b7-a245cff1bf4f", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65a0314c-fc48-5df8-b112-6bb561637737", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:457a1436-4697-5a47-96df-5a4b25b893eb", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7169e313-3f89-55af-929f-766b0101428b", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3182f79c-3ff5-5d6f-8e4a-38edac28e7b5", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7b22234-7eb5-5c84-bd71-2ef80f629539", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e526fdaf-6ae5-54f0-ae77-c2f7d3d2b753", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:412decde-0197-5772-8f1d-a1f815853734", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1d4d068-37eb-5862-9922-7c12f0c25ce8", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a74ef124-6694-50a0-8440-59787aa86fc1", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85e962a1-a2c1-50c7-beab-6ba1de472f73", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88f8fa35-f693-57b5-a37c-896774042ee4", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de91cc96-fbf9-554e-afa9-63359df3dd48", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc5bd6d3-d320-5c0a-9d66-e9cec9d16b53", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64ca0ab7-2740-57b7-8be1-a892c3bf1088", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7b39db5-6fd4-58b3-a530-1445b34587b4", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21c6c772-f13c-5b42-aa25-cdf1b3549755", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.49.Final-tuxcare.1" } ] }