{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:69a8933d-21f6-53fa-beb1-39a3207f5315", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-transport", "version": "4.1.58.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b6a8a028-bbbc-5156-be27-bdeced06175b", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0ab47f5-b5a5-589b-aac3-0280e4cb2b4b", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed49431a-1515-59bf-9791-ce8a49166d23", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7f63bc8-5858-5acc-91fa-8c221964c9e1", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9906c70-fa05-527c-9caf-c52f895d184c", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c96a0cdc-1864-5c72-b356-7247b4fcac21", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8025eaff-3052-5070-bad5-c7e63a3a0031", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19fe7cbf-cfda-5e26-8895-a1ed30ed8abd", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:014d88d8-7bb1-5a56-8ab2-b34983ee3b12", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e12889fd-aa02-54c5-a56e-1070260c8d03", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-transport 4.1.58.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15d665dd-065f-5178-87cd-9e0fb5e742f3", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9f396a1-faca-5a96-825d-81bab494657d", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c671f50-727d-513d-b00f-60b5e9b54da7", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfb88181-5df6-510d-af50-af3177fa139c", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13412768-d9c8-535f-bb33-3dd82b59d4c5", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d37b39e7-deb4-5da3-b27b-986df3f62ad7", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0fa74cd-bf7a-5ae5-ab9f-1c9b67e00c40", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f1aa619-f844-5f6e-a428-74a6dad8514b", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c07b8b1b-1fec-50e7-bad9-31a755426ee3", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4babb7d4-c94a-5619-b06b-82162d7f3258", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1fb0ee4-a8ab-59f4-80b4-db72aac94361", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f504556-0b15-579f-85e7-98b616a91634", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3898db40-7400-5fcf-a40a-0bbe26c7a531", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:200ac4ba-7bc5-55fe-a4d6-1eca60d75e66", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f26544f0-e3ec-5f1d-8b0d-3fdaf23e77d2", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aea6f994-c36b-5827-bd58-43b6ba3dc447", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5842140-000c-5297-b0ef-c51f1b658770", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:202ac6a5-e4cf-5951-a476-1156bac1e0b3", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2448ca11-24c7-5f4e-bb46-671f2a6a083e", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b41c5a9c-b0b8-57dc-ab50-fd800674dfde", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f000c0c-a03f-5179-8fba-dc07c554a080", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c8c6d40-9818-5f39-aadb-eb5d8188ca17", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0fbdf39-0244-55c7-baa8-923d0b35909e", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-transport." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-transport@4.1.58.Final-tuxcare.2" } ] }