{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:91788efb-f386-5f15-af72-ef3b8fc19e67", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-handler", "version": "4.1.73.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4b93cc71-515d-5330-aef3-33d144a16b1d", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:816aa593-2cdc-548f-9786-e2d6dd6671ed", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57260886-b4d2-53fa-8d2d-5a3766b27e70", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbce826f-5c06-59eb-be74-f9bf7cd0c107", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd0ec3b5-076a-56c9-8e47-f30e670e5556", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c22ed9d-3830-5c23-8081-995a2ee963dc", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-handler 4.1.73.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2536d1c6-6484-5442-82be-127adb44d67b", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f04b04e-4a54-5735-9cb1-5c1f26fe1fc8", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23fe040f-9cea-557d-bbee-fedd4210cd6f", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11f061a7-8337-5eca-ae5b-32fe5219bb30", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e999b1a4-df98-5d46-b0c8-bbf8940c3e11", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d27dc153-6477-5857-8f25-76ad288f196d", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b97152e-8420-5503-8fbc-9db7b9f15e64", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3724d927-006d-549c-843a-51d9aee1cfaf", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b92b05d-7feb-543f-8e77-fddac0db9c66", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc4a345f-9fe7-5bab-938d-de49e69ad666", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8750c417-5000-5845-8b8b-171983fdb18d", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9f5f874-69a2-5996-83a8-a84379f2ce43", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7adb3898-31b9-5fb9-88f7-118b3c85bbe7", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ee52717-57d3-5bbd-a923-888d1ba171bd", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b819d91c-fec4-54fd-968b-0add8e977af7", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5ef2004-0392-5c46-ab0d-98f9f7c54947", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43a3167d-2019-58d8-95ef-018d25040096", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bb7aadc-5b80-5e53-b696-2eb7c05e2ce7", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0863259d-cb45-5dd0-a608-d97bcf1b1135", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbd82476-1073-5786-8120-b67f1214d285", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fb518c7-4d4d-5399-8709-b12049189680", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef926e41-5d27-55bd-be03-cab4215ca18f", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed35c8b5-3e21-58a8-956b-a33effb848dc", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.73.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.73.Final-tuxcare.1" } ] }