{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f704e375-b17c-5b98-9f37-873dc346b3c2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-dev-tools", "version": "4.1.58.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a68db056-042d-5809-b484-853e248042af", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c704741-104d-53f2-b903-339276ec5a10", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66b8a3cb-b570-59c7-950f-222a8a4edfee", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:048ca64a-ef8f-54ca-891e-0150ddbf96d5", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88a629f7-6326-524a-a134-dcc265bfb47a", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b98aa138-b6f1-5639-85a8-5a5331c99334", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a73d054-15e7-5c72-b939-ecde81d1066a", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13a81ec9-ddb7-5909-98ff-392049cb8199", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b3ac4b8-41b3-5855-b3a9-46dd77c2d91c", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96bf2cf8-9134-535c-bba1-28cd7cb2c437", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-dev-tools 4.1.58.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51d5b195-0079-5674-8df9-3ff066988e49", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34cc4741-edec-5a47-9b74-f771e3247725", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2f96f9d-be01-5f3d-a0de-9ce0c7c9b7b1", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af11f2f3-6c61-510b-acab-3f837d6a4a39", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:927f4ec2-20e2-5ae1-aaed-20a7ac4b8736", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:978e1c86-9b39-5f78-8567-d0a6282d0711", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b38a4b21-851b-524a-b2f4-ad40326b3b74", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bec3802-937b-565a-ba64-644ac55c2ecf", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9883b226-72f7-56f9-b383-3d4fefa17345", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc80097c-e82b-5f27-93af-95466079f5f4", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0971b05a-ce09-5b85-8206-d66a7d691737", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03af61e3-8a80-5f17-a77f-2ae4a12f94f9", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ac28968-6f83-53a1-b215-bb0c59fa4d92", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0596dd5-918c-5047-a435-b08100cc6766", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f136c5b5-e408-543d-b9a0-836e65e77903", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:282b450a-c743-5c31-b025-fa5734c5bc95", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d01273e-d5a5-5f11-a9ca-d9cbf50fa2d2", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8186fc15-4538-55d3-beed-0f7b743ee20b", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b62fcf1b-3881-56e2-818e-7a011b47854a", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a4eaeb4-1ef4-5340-bdbe-6131badc184a", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8acb191e-ab93-5be6-8eb6-465b059f5164", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be8485da-43e1-52bd-a686-1c9f12bc31b1", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3b99a42-832a-587b-862a-8f763fe8280e", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.2" } ] }