{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:64961af3-8089-5246-b4b0-7e0ca32d1517", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-dev-tools", "version": "4.1.58.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bcdef2e5-7cbd-505e-8944-144275dfc880", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0adee052-9e85-5b9b-a6b5-2fed8a3ddcb4", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe092535-1b3f-50c5-96e8-1a15c5484881", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1d4b754-1fc3-5a84-bf5f-fa20713b3d72", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c5d907e-9596-51c7-98c2-88c285ad8657", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa652340-7ba0-5bf4-bdf0-c48b10ba1ad8", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e78cc7fa-f187-5f0d-8ee1-1248aef98622", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d26f38a3-77a9-5e6b-9b06-bfc5c131c57b", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e533612a-2ee4-5c3b-86ef-3de2aba3d7e2", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd8fd940-c1ad-52db-b1d7-78f23e70b295", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-dev-tools 4.1.58.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e548d8c-e3cb-54b4-b681-d51edabf0ed8", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5afdb129-0562-5aa7-81e3-bdd54e7016a3", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:869df867-9fb5-5b77-acf2-b1a309a0f080", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e369456-ae81-50ed-a825-736479031fb9", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a851782-d970-545d-8b24-4858cc2ae67a", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:296afb02-7b0e-5668-a771-d837fa97c96c", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d0acd97-63d6-53de-a4fa-e1bda4403ccc", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8b13d3b-dd4e-56be-a3c0-84a82ebf3e1a", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54594f52-c141-5a3c-ba41-8532989ef7ba", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:021cf61f-09ab-5501-b1a7-571a6528b563", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5f4e724-83b9-59c3-9f13-6c7627b940a8", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbd7e476-6ace-5170-89b2-8a07568fa0c3", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:938b6699-6748-5465-a7fa-125c1690b36d", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44df44f3-7483-576d-85b3-f536b8f1164b", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e73bb1ac-0748-5acc-910a-3a6e26d2bf25", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f30f17fa-7d6e-5038-8a76-d6ec73bf3252", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06bb4add-4e0f-51c3-b1b4-dd29d0931858", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8709d8ba-49f3-583e-b1e4-c5f82a6e3677", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05fbd8e5-4068-5177-a937-b00c120eb20a", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e4470ec-c82e-5350-8890-4c6b05fe570d", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7db89aa-01ca-5fa2-9bbb-d1886b2f9974", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95f3fabd-c681-5a23-b7a7-49e06d0514b4", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ea1566e-0cb9-5821-b5b1-2fecae2e002a", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.58.Final-tuxcare.1" } ] }