{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d1ba45a7-8fd1-5d06-87c0-d7eb01364828", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-transport-sctp", "version": "4.1.82.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:daf38236-2eb1-591b-b50f-531e2474879f", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e0123f7-07f1-526e-8afe-3ebdc7826997", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b4593cf-23a7-584c-b9b1-1615c5c390e3", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4a9ae29-8b95-5e81-a22e-317009f4c95e", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a783354-9671-5dbd-ad94-521247982f67", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-transport-sctp 4.1.82.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a018bc2d-1989-5ded-9369-b737907580a4", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b1c0927-df4f-53d5-aee5-f7e65f94182f", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39d12ad7-1a75-5eeb-bb81-180e533117cf", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2c39577-3c85-582e-b3b4-2737d6ac752d", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee994d6b-2250-5957-a4ce-8ea674f0746d", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abf2f351-3511-5d91-8c3a-576e56cd2237", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3024fca3-e77d-598c-8531-d261f51625e2", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73ce2935-47db-5697-bfc9-cd626330d81a", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5ad128d-f56f-565f-bd82-0cd026b759f2", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c387b2c-1d68-5f65-895a-4202f1064312", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42adf127-da4c-5621-8c15-1b1111029aaf", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1eebd76a-eacc-558d-bf0e-2025b0520286", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05f34e62-6f50-589c-857b-a36329c9d9e2", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a727b05a-2bb1-5983-861c-7b6cc915f27e", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:588c9590-5da4-5317-9a68-56243aeea20d", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8620fd43-0107-5c7e-877d-24ebed169377", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2489e560-0ba1-5181-b6d7-eb3601100460", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e64f1618-6c92-58d5-8c5c-67bc95d7609d", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:750392c7-4a03-5f85-b08f-06683a3a1231", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98a975eb-33fe-520e-84c3-a5dec5ebdd0b", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bde42da-a4b2-51b1-bbee-43efd5a89517", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:331c3e03-8ce0-5e57-9a39-c065838f197b", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf40ac3b-368a-5815-adf3-a362708f7335", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.82.Final-tuxcare.2" } ] }