{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:81467d1a-152f-599e-80a6-3b29c4e669c1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-transport-sctp", "version": "4.1.58.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:981e30a0-0fb8-5c04-b914-7da6c192d812", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2da9f9a8-e54e-564b-a710-9766d871241c", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9872967d-5333-55e9-aaad-a2ac7b06b083", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0258dc4b-cbad-55a2-80fa-e4d0de60b596", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ebbaf76-7b7a-5684-9f3f-6fad3d28b104", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e327f82e-21e2-52a6-8762-f12f5bc6022c", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:600b755f-2ce9-5e10-8b8a-c774581604b3", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c93c54e-c8c6-522b-910a-aea14de1924f", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffd5dbf4-9518-5fbe-9e39-0899daa8d93b", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a89a797-9147-5ff8-b66f-b7aa22a0e7d1", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-transport-sctp 4.1.58.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d9d7c3f-52ab-511a-86ed-f1178e513fe3", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a81e7188-f53c-5507-ac08-d16091f072be", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3415ce77-0753-5d12-b995-73b573e9b1df", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7f61427-4922-53cf-88db-b6fc496983d4", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91090b05-ecfc-558b-81fd-8d9b97fc4c43", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fcb10a30-1c7d-5a1b-ba07-076471ce0f8e", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:853c6b45-bcb3-5adb-9680-257a60c5839e", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42c549e1-a2b0-533c-9299-dd8e1d92cd10", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1cff1f0b-25eb-52c5-93c6-70db03d3e95d", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f11fd938-c1f7-5a9c-bc6d-b04bc38d3dbc", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0997abf1-fc23-525e-8c60-8707c54ab21e", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36675e00-8ddf-5713-8c90-c5b2c20b9877", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c411012c-4195-580b-b189-24fef7dd6430", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:219df8c5-2c50-5b7a-b7c9-b330e68584d4", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e073a11-6abd-545b-a2eb-3a5f5a8cfeee", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28beb6b7-00da-5195-b1d9-1611aeec0f8f", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f88ad4d-8dc7-5602-b055-6706ca88f353", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:185903cf-f678-569c-9a15-ecf3fe574b52", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c6f2ccb-5bb5-53cf-b681-744218dda328", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57f7f34e-275d-5e1a-9f7e-2ee308f7ab9e", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecfd0c03-924e-5f97-8214-d2d5f03b2d87", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4c70727-4a07-5917-8f95-b8d26eaccaa0", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64856dfd-209e-5254-a6af-5a617a8391c6", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.58.Final-tuxcare.2" } ] }