{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d347185a-8f05-5113-9ea1-236520a49eb9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty", "version": "3.10.6.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:90103d64-7c2f-53ec-949e-61627de94b54", "id": "CVE-2019-16869", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-16869 is fixed in version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:70f289fa-80e2-530a-b5e1-2e1f093ea84b", "id": "CVE-2019-20444", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-20444 is fixed in version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f73c218-10e8-5ecd-a38e-4c53e21b9d1d", "id": "CVE-2019-20445", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-20445 is fixed in version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e69d7fc8-a81f-59ae-bb50-514982570f69", "id": "CVE-2020-11612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11612 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15e131a0-445a-5602-88da-7141f4d8caf4", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:089083ed-e2df-5e61-9789-6df16062ee73", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4beeec4b-ef3c-5a9f-afd8-c312caa7dc18", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfe7c54d-3475-5c49-9b78-de9c8e0c4373", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ba81e2a-8a1b-5cff-86fe-e25e3246d2f9", "id": "CVE-2021-37137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37137 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10d794ff-62c8-51bc-8832-dd4335a60869", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a68358c-3358-511d-900e-20fbaea7525a", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c0c44b7-f9f5-52cd-bee9-e1609757fc70", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc92da17-7e54-597b-81ec-ea355f5cc386", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b4b7925-4c83-50e1-aa3c-72fd0dec6dd5", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fc0a478-c4ad-59b8-b8a5-774f91d34094", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfd5d90a-70c0-58e0-a0be-b602e8f0e121", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7d8494f-285d-5b6d-9482-3b2809a4b6ca", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ba8d46a-0d47-5a5c-a530-68958e5f8444", "id": "CVE-2025-55163", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-55163 is a false positive for io.netty:netty 3.10.6.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42482318-3e1c-5405-9170-9049b55c27cf", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e639d7d-2b4c-57e6-b8e2-56b8cd75e4c8", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2ae4270-4556-5cf3-8960-e278a2649d63", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 3.10.6.Final-tuxcare.2 of io.netty:netty." }, "affects": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty@3.10.6.Final-tuxcare.2" } ] }