{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3fc9d735-3644-5633-87a5-5be866ad52b1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec-xml", "version": "4.1.58.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:548edda3-059d-539c-8d64-ba4bb997a956", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:263a963c-3934-584d-be3c-94e8b985ddc7", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e2a4795-0970-5e4b-abcb-6991658f1a83", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:feafc617-b46c-5386-8645-d913c21da412", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0860296-c9dd-5a89-a8a8-e3a6662bfa54", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a3b743b-a47e-5c27-b99e-92be1d2a36b8", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44af1308-b0df-56b8-a50d-10b6112c8dd1", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e61a600a-3b98-5a75-9b6b-ff009b09840a", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9586ca34-136f-55ba-8a8f-5e9407385a21", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05fb7d4a-f866-52b4-8375-cb5be76a90c9", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-xml 4.1.58.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37d59cb9-b683-5aa7-8baf-58b812f527d2", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ae218ab-272a-563b-8ab4-9e4356d18528", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:415591eb-ea94-52c0-a59e-69cc2d2e122c", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf518077-50ad-50c0-810f-63854d05c71f", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fa6bda9-4113-5822-86c9-145da01f8d66", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:122c3867-b09d-5ae0-a11a-0a3632c77303", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16245467-bab2-5f0c-9f60-214e4e25b2cb", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9988138b-4db0-5c96-aa48-6bdd4bea3f7e", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef39dd4b-3f88-5753-a184-8efc3b80f510", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17a61cde-35a3-5ef7-82fa-c74c735f44a9", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee0ad979-755e-5b37-8edf-916997908adc", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afea737d-61a4-5acd-a294-30ebc113e7cf", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ec68d1e-b417-5c6d-aabd-0c72bc491b96", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:630a60c7-9c6b-5525-a1fd-5a6d408df300", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cad1cc5-c76d-5aaf-930f-9644c866a8b6", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f88da219-0040-56d2-aa93-f17245f0718a", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcaf669f-5684-54c6-8614-a62efbbfc3a9", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef360c3b-370f-50bc-9c57-d6f33ee92937", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e61a7b8-3427-5172-9e04-bdc0c07e9c6b", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1256a7da-a37a-5460-8201-c1d08d3165ff", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c2e8ab4-6ab3-5f95-8a12-c9885e0fd3e6", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ca3f4da-9e68-5875-90d8-0fb8f9df78ac", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69403dd0-4e36-5b6d-b024-5c4a12fef068", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }