{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:76875cae-ef73-5a6c-ad24-6ee2c750e456", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty", "version": "3.10.6.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:50193696-5260-5680-939e-df6a9c2e5af7", "id": "CVE-2019-16869", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-16869 is fixed in version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40def07d-3085-5cce-b2f0-0295f90c0e6d", "id": "CVE-2019-20444", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-20444 is fixed in version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7dc6d943-9c03-5795-8b71-38787da8db7d", "id": "CVE-2019-20445", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-20445 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fd5b1b8-0360-565d-b2c7-ab2b94518d67", "id": "CVE-2020-11612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11612 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:021bad9b-f981-56a2-9cf0-c5460f335193", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f72dda5f-c51b-5e5b-a6bd-ba09880f7dea", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8794dd24-3144-5a08-b29d-2607baf9f0f5", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bff2b2b5-8ea5-5786-8c90-b1838d1c9856", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56fd7cb7-c978-587a-a186-af73bcab13cb", "id": "CVE-2021-37137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37137 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de777984-6ee8-5417-9662-31e46e63bb18", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53f5028d-7438-507b-a2e7-61de8ef8aebb", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6d5768f-2926-5866-9ea3-155029fdb6b3", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67df855f-5bc6-50cb-a3b9-2f04d675fec8", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0feafebc-90a2-55ec-9b14-8c7f326a1480", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c32db0bc-6f43-5497-89d0-d65c7b32f6be", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abc4bf26-3ba8-5f14-8de8-7782ac7c83a5", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e602fb8-3ec7-5e33-82eb-351873f99509", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48dcc7d4-0970-589f-8298-546d67d204c2", "id": "CVE-2025-55163", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-55163 is a false positive for io.netty:netty 3.10.6.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53322236-cf9d-53bb-aec3-2c20391588e0", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f9fddaa-64f9-5a6b-98d0-c59a9e064241", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c064cf43-a81d-5fc2-bb66-3612412ec5ee", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 3.10.6.Final-tuxcare.1 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.1" } ] }