{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3ba31449-47d7-5ada-a11d-b134cea12787", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-handler-ssl-ocsp", "version": "4.1.92.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2554505c-7b2a-52c0-8848-1caec4331bb1", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89453745-a1f8-5c5f-b904-904f6d7e92ed", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d677b79-2bd3-5d09-bdc7-ff1a757d7fc3", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-handler-ssl-ocsp 4.1.92.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f6aa6ec-d027-5d00-bba4-1bed296b3c2d", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ceaf6110-e0be-5bfc-800e-7340e3b87102", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e38988dd-bbe9-5c56-9b08-e21bcc74d486", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:615b3e02-71b2-5193-8694-dd7cee69a0c0", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:420ff8eb-0417-5fd4-9c5b-ef14a87fc60e", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63f87c5a-e06a-5e99-958d-651e678828b8", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7badb49-e307-554e-8264-d134dcad8eb1", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afd0a9c1-c4cf-5ad8-8692-ed922aa339b2", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92305f6e-1d55-5566-a0c1-1d6198a7b0a0", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5aeff222-9b4e-55a3-b022-76a349ad778c", "id": "CVE-2026-33870", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33870 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bac1ae7-7a2a-5887-9968-c3a74b3b1823", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3df02885-4d65-5793-ae90-910114ac3d4f", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf7f6c53-4613-5a67-87af-77238c355720", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a4ad3e5-c51b-5cc9-8bfb-2158d4e980d0", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c52f02eb-2085-505d-a16c-4b088f68a0d5", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3cacab9-cdc1-5c2d-8801-a9f068d4db5e", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f58e428-eee9-5707-910a-ad0faea9ad86", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac47fecd-edce-5a07-adaa-72108e244a62", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3135bc3e-f9d4-51ca-a957-f8f6d6bef236", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c707dbb0-a6e5-5c61-8986-99d2df299976", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ef42170-a55d-516f-b43b-9ec04f000a2c", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0f6db72-6b42-5bb2-a1ae-7345581997ba", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f099647-ec17-5783-944a-0cb18b40e5ae", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.2" } ] }