{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:39300773-fc20-5b41-aab3-33c5cb8470dd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec-xml", "version": "4.1.112.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a0a2aebe-9e03-5ecd-b504-7a9296504c1c", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cf20733-099a-51fe-9db3-e3418653e27f", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72d87e75-277d-5097-9a22-73ee38eab7b2", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1d22ed0-8934-5f3c-912c-351e03d5668c", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4733d914-6de9-500f-872c-6e38701cfcbb", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a2e4088-84fa-5098-9b53-d5c2a2aab9be", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8804393-9dc9-51d3-abe6-7e7e23fe92b3", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97aca160-c07b-539d-a685-faa1cc85ceae", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91297f41-6e9b-5a47-a3d1-8f68d9310545", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23b996e6-f79a-5f0a-b181-1077b537cba5", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12f76df5-16e9-5b08-b70b-7bb8daaa0971", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:666f53a9-79dd-555d-964e-da44c5e24ff5", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50ca9ab1-7589-51dd-884c-e6471b2c4145", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9260edae-9a37-52cb-9a01-4deecc1b4628", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abf17412-6b79-5ff7-ab3a-36a6a6b1dbdc", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e88bb9c-0e30-59a6-9abf-97642f93be8c", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4dee590a-54bf-56e9-a7d9-c0abf0d74494", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfe6c599-8ba9-527b-9187-fca6622e5f0a", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1168162d-f9a5-5178-af1a-67714ee0f7b2", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab0a1fd1-34e3-5efe-8d47-19025719d0d7", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14b16525-e317-5c1e-a816-964e770795aa", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.1" } ] }