{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d84ab528-9aa3-5585-8766-445fd3c2884e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.58.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b9606805-1bfb-5154-8f07-731158d3c771", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d933fdad-441b-51ca-9c6e-14d5a373d793", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9defe64b-170a-5509-8bf4-fbd8910707e6", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2ab7d8b-15e3-549c-b6b3-caa5fe19c9f5", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b45497fe-3eb5-507e-a08e-6e12b752f728", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3315bb72-4532-567c-823b-9f726d64df61", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0061cf91-f68f-57cc-b8da-c97950b7d679", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:398796d4-12a5-54cf-b6df-27b4bb75d6ea", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0b2489d-800e-5761-9db3-b1293d6eee72", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ff13483-a1b6-53a4-97cd-7b0dfeb20063", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.58.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6a84822-9157-5053-ab2b-99a1087e0b56", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f52fc1e-e1d4-5357-851d-374e1e58d870", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:708247e4-0fe9-563d-a7ec-dbf1e09462f7", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dcf479c-fb4d-5fb5-a81e-c55f5be72bec", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be6a5b3b-fcdb-5da0-b769-524e2ccdeb5a", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3782125-b82c-5695-a06b-914909a62660", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04fe739d-44cc-5043-83f1-4880584d9612", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e8055fb-6dd1-5021-8a4d-573c7f617306", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7909655-468b-55a9-a022-8c25b1ea2a7a", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdc9b195-928a-5704-9df5-b8e15974dc76", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:807ed483-d7eb-5b67-a3c7-d5f10b8d8051", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c934bd27-98dd-5871-b473-6d4535ef2037", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55710cc8-119f-51fb-b14e-aa760effd2b3", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d94627d4-76dc-597b-9cec-57a3a50710cc", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a8c2295-3419-5a6c-a997-51566ab9c430", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2b08c42-bb63-51f6-a83c-4795e0b9bbb9", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0cc37de-5b0b-51ac-b7e4-61db9ddf64e5", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:059d3985-dc4a-5cc3-a3d0-dbf75f7a388b", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a1bc648-7a3c-5563-933f-42b48d2ce1e7", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:452620df-1b0e-5ef5-9de7-156abebf2691", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d4b3b24-0835-5fad-8015-272a66c25145", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1d90853-aba3-5ec8-a822-74892e18c535", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b125b660-58bc-5620-898c-ba8cef10c753", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.58.Final-tuxcare.2" } ] }