{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0a9b9368-0bbb-5c04-a8a8-01d4c4ab81ef", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-transport-sctp", "version": "4.1.52.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c7b407a7-4d3c-5ec6-8fb0-7362d9f7a13c", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:679e9374-6ed6-57e7-af0f-e186a819f40c", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e1885ea-d5c3-5a0a-b0fc-7444ba804f03", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d0b960e-ffd0-5b28-bcc3-c0d55c111fef", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96518d04-728a-5374-b309-3ce3c19e866b", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf5d6563-9464-512b-b3fb-3dd75a13c9f9", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdcfc358-971d-5906-bcf1-797da6b4c898", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c363062-469d-556e-8805-9f4f0a6d34d0", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b32e36a7-3f35-5497-9474-968e77ec0c34", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:877b8d0a-c7eb-5bf9-b951-d3dc66f268b7", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91d63b8e-3722-590f-be70-317af0c80459", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-transport-sctp 4.1.52.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f81a9d6-c59a-5271-ab2d-0055935cb188", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7248b973-fdb6-5340-9c35-481875bc1205", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efcf4924-119b-5170-89bc-92035b1570d5", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f6fca5b-df30-5575-ae2a-be7372d74327", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a6b387f-1cef-5a2a-8f9f-d209018807ac", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76fe3134-8939-5c1e-8f61-dbc68ac8ef0a", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:537ee59d-6b6c-5cfb-96ac-697aca2085ff", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c88fd875-9431-5350-a089-88c1ea0d0cb2", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2821adee-ddea-59cb-a364-bded47c80d56", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c812f420-ba0b-575b-9f94-7b620f4ffde2", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d20b0738-59ec-5e41-a0b9-20767bd25cb0", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59c68e49-e577-5093-8600-0a61d6d0c2c1", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ebc08bb-ae82-5a08-bab1-c0bcce17473b", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d15fbd75-6f67-5572-b0a0-04beeb11ed4b", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34eb410f-6bc7-5c73-b35c-36f28741b1ae", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9754b0ff-11e6-50d0-a07d-058189bfc24a", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59f84d34-1340-5b9c-9851-fce0d6a53970", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9027efd3-8269-537e-848a-30ce5e00025a", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:731fd30e-a8c2-544c-95bf-aacdec12b7ca", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8afd45ab-4a2e-5500-ba30-513ededa8991", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:120baf63-c13e-5eea-b175-8e649c64f36f", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca347af9-f7df-5645-b371-9e6ac9c526d3", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d1663a5-3b59-5187-aa30-8b4ae1dad24c", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }