{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:33fd6e13-4640-52a9-84ea-123ddcb88dfe", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.60.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9d778bf4-0383-51e2-bfbc-3abf2d4c749b", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f459b3c-a502-5cc5-80ab-8e614dc11688", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62fbc6fb-7890-515d-84ff-20c8e4f69775", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b715db2f-a2b8-533e-8a03-ab528fe5b4dd", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:147daf98-f300-5b3b-8d26-ec8c75c3d50f", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b035a6ec-9d5d-5fd9-bd24-332b44a165f6", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:975177e6-644c-547f-8413-57d71e4a298a", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ee404dd-4348-5f08-aedf-22906351d3a1", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9826f02e-bf4c-572f-b994-7bed5ac5552d", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.60.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0413b313-3094-5904-a391-f9fc95f73f4a", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0787b32-60fa-5695-954b-8b7f20e012c3", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e01eb8a1-711a-5639-91d0-3ed6fbf9caf2", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ceb5cb47-ce2c-519e-b8db-282d793d4f67", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdad4ecc-ff2d-54eb-91fd-dbd890bc3d37", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb16b4ba-a0f3-5dc8-83eb-eacb0edd2fdf", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afc60caa-bc83-572f-9558-04eb28a2bbf7", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b80512fe-9623-50fc-872a-ea3fc145454c", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f9fde7d-aac5-5a90-9475-24141766688d", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45169d57-b45a-5a39-bec3-6bdd885dd049", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2605b20-ac44-58e6-a294-56cb80921eae", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed56a60d-a56e-5603-b6d5-976fd0721958", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2c932d0-0e88-56cf-b3b9-ed4b0a68ef94", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53e6b515-f4bd-5862-98dc-9fce3ee49e99", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1487507b-c7d4-5bc7-b5da-e8d5345c6ceb", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f324952b-97b6-5f11-a09b-1b1781b26077", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0af680a0-8b99-541d-9e31-183dc329852e", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f767d9d-d1c0-5470-b83e-77f613e487ea", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edf67ff8-3994-5242-978d-f4c620ad3696", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf174d6d-b3f7-5222-ae60-1b629975272c", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7737150a-941d-56d1-9398-71ab883b66d1", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d5cbb3c-32ab-510e-8d10-c01cba0b1f53", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:918ea9b3-bce8-5687-a32f-89e419c22557", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.60.Final-tuxcare.2" } ] }