{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5868077d-b600-5b98-816b-fe0ed9aab3b9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3", "type": "library", "group": "io.netty", "name": "netty-codec-http", "version": "4.1.112.Final-tuxcare.3", "purl": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5490e931-707c-5ac7-babc-3bd7d358399d", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11cfc6ce-76f1-596e-b875-b422a922ca0e", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a562ffe0-f271-518b-a8f7-c09dfbabae06", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e21acd73-eaca-53f2-86b4-d49d80acb2ba", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:64071ec0-0480-5eeb-ab8d-a0bc061b9fbe", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48a0b887-1dd1-52e1-b86a-b694efed883f", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43611f44-c064-5c3e-ac8e-ea715f650201", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac998768-b906-5fcb-a23b-2ae86852d6cb", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fff28f52-6406-5df0-821f-e8cf96f5ae78", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f63859c4-a421-59c7-a3dd-ff35f0cb979e", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74b1b787-ce33-5212-adec-5497b487a4dd", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:654a9276-a188-5c2d-9985-e5eeb24d60a0", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce8d3cc1-83ac-5623-8ff1-cd35b101ed78", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42840323-9a26-50e9-800e-a6b0045e521b", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e473ab81-0518-55bf-aa14-94848adf762d", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b9cfe0d-f39b-58cf-ac5f-74fd47a170df", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee50b774-9e0f-538f-bcab-b513c7373dd4", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66f4eea3-62ed-5d61-a389-f34b090199af", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:445ead3d-10c9-51a3-8c08-c3200f5fedbb", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87de2531-7982-5e51-a9d3-da8701ab55e9", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf737b32-8103-50d6-ba9c-cab9068ea64e", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3927253f-3080-5969-9edc-ec4fb968e0a9", "id": "CVE-2026-44249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44249 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c349249c-7ee8-5adc-85d2-76b10d4fe8b4", "id": "CVE-2026-44250", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44250 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a75e1032-79d7-503c-8efb-105767ca044b", "id": "CVE-2026-44890", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44890 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adfc877d-47a5-518d-ba73-c2a28c470976", "id": "CVE-2026-44893", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44893 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98113b3a-727c-5982-8327-cf53451f3cf1", "id": "CVE-2026-45416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45416 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2f1a500-afa1-5130-9acb-b9a9bb1a26e4", "id": "CVE-2026-45536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45536 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:993d5e3e-ca31-5761-a367-7be6a2981c32", "id": "CVE-2026-45673", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45673 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16a973b5-8b5e-5d2d-912e-6676f868c859", "id": "CVE-2026-45674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45674 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:726dbd32-b4ca-5961-a2bb-65569a215e8c", "id": "CVE-2026-46340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46340 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62243d4f-ecfd-5507-ae40-1fcb4c3dd27c", "id": "CVE-2026-47244", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47244 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1078dd66-7a88-5bf4-8392-1dfcd5afb492", "id": "CVE-2026-47691", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47691 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13232fda-9654-5860-a019-1a9a04319b8b", "id": "CVE-2026-48006", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48006 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc25c803-9881-51c2-808d-5690a1e5b96f", "id": "CVE-2026-48043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48043 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea3a9e10-0171-576d-881f-b73239e38363", "id": "CVE-2026-48059", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48059 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.112.Final-tuxcare.3" } ] }