{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:944901d6-8e19-5d23-9e65-c4fb4b16ea0a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-handler", "version": "4.1.48.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ab8dc99b-384e-51f6-8d6d-f03a7afd75be", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c44fc86-d6b9-5eca-80c3-a5ab40acc4ec", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba99d844-66b8-5632-addf-3b9bc2778a1c", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6536a938-3265-5170-806d-fba61b6a4085", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34bb0d64-e0b3-562f-90d7-f3cecd73bea5", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d576eaef-423b-5d89-9453-20485873c09c", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3a7b518-82b9-594f-8732-9cadb37f7e24", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0fe231e-ad87-5d90-968f-9f7729ba8c8d", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5eaa3da-a561-5fa4-a804-0f0e664b50a6", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d12add5-2ad6-52ed-ba31-48e4bf0e9f33", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e98d06e6-7d8d-5360-9800-ee47a86a66c2", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ca858e1-cb8b-5d69-a716-9b417d0dbc48", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-handler 4.1.48.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e90a4475-378b-59d2-a1a1-e1553b625ab1", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3551d89-fef6-5592-8622-fcb4d6aa8860", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9282b0cc-58e2-5578-9d7e-1574f06cdb1f", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08c3577d-3fb0-582d-862b-a82e07309cd1", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c87e0eb-71c9-5ad1-b552-03e80cfa1e4f", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bef1b8c0-78af-53ed-aeb4-3fae9c73f8b6", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e340a72d-8977-588a-b81a-e7e269c4542c", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c414a3b4-5cdc-5e8d-ae35-95ab49a9454f", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d10018f4-9838-5cd6-a6c1-4ccea3e8d3b5", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06fb40a2-51f9-5ef3-a780-a71ffab6b7ae", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34e1ad1c-b5e3-5857-a195-2b5f57a1e660", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9cac622-1009-5573-af7d-78f2730cdffa", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6cab2cd-2049-5204-babe-694d3ca220bb", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7dc9790-20be-5008-a913-be8afd67f490", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce7493a0-a65d-501c-8629-43a6ec3c7c8a", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:384169c4-303b-5c60-90d7-b09d17068d9e", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f363632-6085-588a-9c7f-a3e466d8abe3", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9f7c2e1-64f1-529c-8802-7ce119e18b36", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c459db0-3cff-591d-a17c-388ed85a9e49", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d65d1eb7-6956-5534-bc25-9c0ee07aef48", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac2853e3-e6ac-54ad-b028-eb9f64776ddb", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa6c74a4-2099-5dd8-95bf-7f54852052e4", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df3c4974-90d0-5700-b9d9-db2702467c49", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.48.Final-tuxcare.1" } ] }