{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6f044755-6816-5c86-a437-9253d6076f3b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-handler", "version": "4.1.49.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3220674b-a1ad-5709-aeae-b66aba46ac38", "id": "CVE-2021-21290", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21290 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cf6db6f-f737-5cf2-bc15-884058219f8c", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85bee7a0-0571-57c2-a178-9bdab5aad919", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e660e29e-3da0-568b-8635-126776ac3e46", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40c4e603-4dbb-5f46-a90d-eb2f055e8293", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a15b4781-bc55-5aca-8e06-02f402a155d7", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6968313-9c62-5dfd-adad-99ebd3f49ca4", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:788a3c6b-354d-592b-b4f5-db07cb98272e", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c05fd98-6837-5351-9174-a50515ace75f", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b466a5c5-8dd2-5d9c-b6ee-846e08404492", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:200316c2-e35a-562f-bff4-ebb009f5109b", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e678f16-0398-53a1-8fa6-760b021f0917", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-handler 4.1.49.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d4cc83d-12b5-5250-9c59-791f373e8de2", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19d11c76-942d-5b02-9da7-cfcde1df688d", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14c46d8f-7ec5-5dad-98d6-d47218165366", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf953f1a-1dd1-571d-8de8-a83a32b13ee1", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d076b8c-246d-5018-9212-5a75c9497e6d", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:812f4b43-2037-53cf-9dbf-6ce54158a837", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97a5587d-6ea0-5834-af16-e0519968c481", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f399840-231f-538f-a1a8-0aca34f037e8", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c35f7051-ad94-599f-b6dd-303ce23c7fdd", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31a4e69d-d3a2-544e-80ea-27990d378adb", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad4ddb86-4bb3-5a2d-b460-6c8efc8b671a", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4d0a553-8e85-5469-82a1-b6469454102f", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6adc8de-3884-525b-8fa4-6c5085ae556d", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b4df367-023e-5712-96c3-9bad66604885", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb06fccc-6fa7-58fa-affa-213ca9ea6a5b", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d51145f-d701-5033-86b5-7d4c286f8538", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2eb83528-5ca3-51e6-85a0-1a1fdae38f7b", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:162e06bb-ba1d-5478-9abd-320bf79e7af4", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e3066aa-c36e-5e26-a1a6-fc18dc45e626", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc5ae8d6-d621-50c1-9c70-31c050ca139e", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9abc6122-a387-581d-b17c-a8b060e3e025", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0025afb8-5f4a-5662-8a58-044c90ead2e3", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fb459ca-60be-595f-b22b-b5cf553545b3", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.49.Final-tuxcare.1 of io.netty:netty-handler." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-handler@4.1.49.Final-tuxcare.1" } ] }