{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:daf47781-35e9-5b5b-ad5f-6bc9315ed3cf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4", "type": "library", "group": "io.netty", "name": "netty-codec-xml", "version": "4.1.115.Final-tuxcare.4", "purl": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:44690e0b-823e-5cc4-a778-0e9e521f3057", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0f3a43a-4aee-585b-9751-0f77dfc59e5e", "id": "CVE-2025-25193", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-25193 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c807bc0-185a-507c-a6b4-fa64747ae24e", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e339c1d-114f-5d44-aa11-8c3b32a2c64e", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cdf5d2be-93b4-5c79-b06f-02c35bc5dea0", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e19e5d82-e14a-5015-b221-4fff4651ad93", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3bb56868-7f11-5fb4-b654-f6375f8f7d01", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65501392-02b1-57cd-8f39-74f331af3a67", "id": "CVE-2026-33870", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33870 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc1574fc-7b96-559e-913c-36acd0c55477", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0bea24c-21f6-5955-adc7-cbc100bfb515", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b97f1446-dbd1-54bf-b4ab-4a6343c75d8a", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9eaa0532-78f1-5b7f-a512-c35823fa37dc", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5cab20d3-f6e6-532f-82dc-69b5b1b55596", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:627f6059-aa66-562a-ae0d-bb9d6413a27a", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5593fa2b-ef15-5651-98a4-8ff27ccaa0e0", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6205cd47-4473-5403-a5c7-0c4c8dd09853", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c1de96d-8dfa-5086-b96e-c09635d3636a", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ba43486-0378-5ec5-9676-6bff810bfc92", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b60b99b9-52b2-5b79-a65c-d4d9c0254c77", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:486d7cb3-d2c8-56e5-bbfc-d8b54d7f3027", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.115.Final-tuxcare.4" } ] }