{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eb6f156b-9223-5442-895c-0ff54e842487", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.63.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f715b75f-5db0-56f1-b140-ec9932307258", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38bfb48e-34f2-5968-ad3a-9f5e3c61537f", "id": "CVE-2021-37137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37137 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae1e92a1-c324-54cd-befe-eaa5ca342672", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4359a024-bc07-5bb7-b278-6adcf367aaf2", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9315e3d1-85c8-5669-8866-e1146c129738", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23fd1cdd-46f8-5870-8c93-a1e0349556e7", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ef4d978-fbe7-5c19-9096-afa46530ff33", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c606449a-e1ee-58bc-98ac-a96f8918e690", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b213990c-5abc-5240-93f4-96924f5de144", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.63.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:303323a3-c024-55e8-b0c0-2619d1977ba1", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc5e4da3-0521-5c93-8f21-ad5cd0f2dbc9", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28f79f8c-010b-54a1-8111-162499066e28", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29dc2122-2842-5a58-8faf-3d7916d45b23", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f94e70d9-761d-58c2-9272-5f41605d871e", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8dd35fb7-a0ef-5666-b347-22a7f7999137", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:894084f7-5bae-54c5-99c9-9c40f2eef7e8", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b144e2f-2f0e-5088-9298-79b4d7896b2f", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2859a9e4-f662-5fd2-9a4f-d12640d1bc3c", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:211f8aaf-014c-5249-b4e8-1df3eb7578c5", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db64c506-f544-550d-a5b5-811949b181af", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08c72702-fe43-56f3-82ca-30edda96ff3e", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a549afc1-963b-51ef-b3b5-65afa6840cb0", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:982b6c21-2a8b-564a-a9fd-468c74066794", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35dec30a-7d3c-5402-b5cd-94807b64666a", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32653c6e-76e9-5f50-a46d-44f81ffc494f", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d05f2a61-3f80-5b44-9b74-bd122d0b73b5", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5be55cdc-1af5-5e4b-a198-49e9b7f09c6e", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:161d372f-26c7-5ca2-a690-30d79db63ca5", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c9123c5-4b43-5e1e-9f63-31ac2e6d7014", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c73d4eb9-418f-562e-9f9e-91f761afdb7d", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7e2d2ae-53d5-5972-a7b5-33135d7ec0c4", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd459423-8451-527d-abea-6de143b7d210", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.63.Final-tuxcare.1" } ] }