{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ce3b83d3-f9b1-5575-b37d-42648125b61e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3", "type": "library", "group": "io.netty", "name": "netty-handler-ssl-ocsp", "version": "4.1.92.Final-tuxcare.3", "purl": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:88e7b7ef-a19c-5483-8cb2-527f932ce241", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77eb81c3-31ee-5af2-bba5-59e43239df3d", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd03716a-0eba-593e-ad28-22f297b8a511", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-handler-ssl-ocsp 4.1.92.Final-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0de54300-45a2-59fe-927e-d86900285f21", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50a3dbc6-0869-59da-9189-b79b62c102d1", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36389c15-f1fc-5196-a921-206963044e5d", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5e0add6-7881-557a-b522-74d051db9033", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b2c5453-b8f2-5b0c-a309-0518120f2311", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa6e517f-8bca-5b9d-ab44-7444d0f3150c", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44fcad5c-d8ec-5b23-8173-b93605591890", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a876a15-6a34-57b5-a88d-a52e1f008ada", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66d0c936-a94d-562b-9b66-72160c4426bd", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8c135d7-fe85-521a-b9c0-0cd1c6136b64", "id": "CVE-2026-33870", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33870 is fixed in version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b99fde98-e299-5e9f-b7a7-38f86d25bbc7", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5349cf47-df14-574a-b6bf-58475fa14666", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:922f6401-9276-5b21-8f12-4d8e6613495d", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:571e54b6-4340-570f-8415-5c821691f0e7", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b322779-8e51-594f-8526-5f4f1f4b2c4f", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:060e54cb-e282-5675-a872-06f38a898326", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7609603-39cc-562b-b0ba-abd01882b81c", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:327f25ce-5893-54da-9b41-e4dfb74cba4d", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:473820df-9d54-5869-8235-9a63e8b82e61", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a56ae801-6bac-5006-900f-3ad7c3180269", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:281a6357-4341-5582-a84f-b3795d593122", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b531b8f-5494-5222-97b2-8e230b32ee97", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52aca6d5-77d0-5259-aee2-c831a63b2f93", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.92.Final-tuxcare.3 of io.netty:netty-handler-ssl-ocsp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-handler-ssl-ocsp@4.1.92.Final-tuxcare.3" } ] }