{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5d18059c-d33f-5da9-ab73-a132aadd9571", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.58.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a43cf60d-e1d3-5d1c-82c5-dbbbfffa1409", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3901a7c-d7fd-56c5-a7b4-77c6dd300cb7", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2ad54ab-1adc-56c9-bd91-62e13234e6ab", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd026d3f-d476-58e6-9948-1a0c515b5bb0", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d862a35f-6bf3-5584-a6bf-808bc4a13559", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebaabfad-fef8-5706-adc4-6a2aa3606754", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca814d7a-f298-5c44-a66c-421edbe24f9e", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d1203ff-e294-56b4-a7b2-084f619aab56", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a909a57-55b2-50c9-b71d-b8bb4ec65738", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdd672a6-d1cf-55b8-b5ec-52d1ee9b2b55", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.58.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be0bbec8-f1b2-5605-8e1a-6f5fb2d1adcd", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c10cf715-a3c5-54d5-a687-7867b6f712fc", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69577bf6-f9b5-5660-90d3-d2b004cdd7b5", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69788fff-17ad-5a4e-b186-150747f4750c", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c7f10d1-9ec7-5208-9f3f-b043d44fb540", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28d8c7ad-86bc-5a8b-af7d-065887c08f85", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97733aed-1517-59d4-9cc1-72d2c52312cc", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9e0de97-9ba2-5142-a25d-e91c18f5661e", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51c2b8b2-7db0-5124-85f6-04e724b7dcf8", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ad84b4d-84ee-5438-9f12-c73cf41a6545", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83c07f3f-5342-5eac-9e9d-80fad4751298", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72b94523-694d-5b3a-9faa-e3bd7fd8f104", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa256d2e-859e-53f5-a589-db2c61d96f1e", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:779c9c22-35f2-5f25-9fc0-045e93aa3979", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df1b84bf-2d82-5143-ab4b-bea00ea85b9d", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27d3c11b-4e4e-5b52-b4ed-d68647a38ca2", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66ee1d91-4e2d-5c39-997c-15e2b3491dee", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a78b5fb7-83ba-502e-b48d-ffebfce667a7", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26ce793f-0886-503e-b7ac-ad05deb33784", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55bef4a4-62b6-5382-98dc-2cc0da7c282a", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44a17bd4-7be1-5bab-830a-10d54574bce2", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86b5b42e-d98b-59e8-a84e-3c3efc7ecd74", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29801314-a899-5489-a822-918c9aea4ed7", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.1" } ] }