{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c6ef2ff1-2ac3-5c70-aa65-88543df1e505", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3", "type": "library", "group": "io.netty", "name": "netty-codec-http", "version": "4.1.63.Final-tuxcare.3", "purl": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:17779f2b-4348-5e49-a35e-93e8243eaad2", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8ecf1f1-8fd2-5f15-8954-9a8c59b3c09d", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fef89cf7-f68d-58fb-9ce4-de0225a0ccee", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c9b30a4-7bb1-53a2-ac36-a18b218968f0", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38f2e352-c492-5aef-9684-1aa2dd3fa1e2", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef7580d1-3365-50be-b90e-ecb43d498c8a", "id": "CVE-2022-41915", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41915 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4531e8ff-39fe-5e02-9409-7c520b3a2289", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae1bd37c-9d13-5091-95a9-4a5f2c7d9500", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11128261-fb96-525e-ad09-146707d3ab85", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-http 4.1.63.Final-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d796366-e3a9-5640-bd54-b90189ba49bd", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1cd3d3af-1b78-5dd9-821a-ed78db971cef", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7bc0d99b-1f26-5e54-bba9-e81f5804e30a", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2318adc-12d1-5578-80bd-5e38e555eb21", "id": "CVE-2025-25193", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-25193 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:575ab507-5770-51d0-949e-f9c762029cd2", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bef41e6-d47f-5954-a82f-d48e6d3a0951", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e775014-a61a-5c01-8a38-1ee410464b17", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fde02e2-3369-5f8c-be26-773f59706e3c", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc4205a7-c396-569c-8942-640d65f6f9c6", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fffbaa12-dc1f-53e4-800f-645a75e494fd", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fac8ab1e-5fde-544b-a232-4e77dbdf9003", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6829f630-f026-5233-8c35-a3a75a9c41a2", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b35aaae8-d879-59e6-9767-86eb7b060f05", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74ea1d67-13eb-55de-955a-d69ff721d835", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d17da3a1-ba67-5113-9870-f08c42ef4704", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee706dab-6df0-5e91-935c-46aa13b96714", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e23c5e61-301a-5084-ab02-ab728e3bd32c", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7886dd0e-c43a-5652-846e-ff426507e70c", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3376ef1-9761-55f2-bbad-7f88e90d0fd8", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52ae1c2f-a64b-5d03-9550-d7abee95043c", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9140e536-ad8b-5dbc-8356-789c84b78602", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e65d85cb-41d4-5c97-9c04-3007638165bb", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90444bf2-4c0c-5a11-bc0b-677508d649ab", "id": "CVE-2026-44249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44249 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1fbc4cf6-6272-51d7-a5ac-ad4b2ce1cbe2", "id": "CVE-2026-44250", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44250 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:770e73be-eead-5b74-9897-bc1afc501bdd", "id": "CVE-2026-44890", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44890 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c818b9c2-6568-5984-b883-6100661540e8", "id": "CVE-2026-44893", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44893 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e45f1942-2cc6-529f-925a-7fadd7005969", "id": "CVE-2026-45416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45416 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:027f32ad-85ac-543d-8392-2cfa272a2a54", "id": "CVE-2026-45536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45536 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7653ee27-aee9-5a19-aeb0-d84818dfde2c", "id": "CVE-2026-45673", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45673 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18da5d87-7a23-54f0-84c2-27cf6da1ee59", "id": "CVE-2026-45674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45674 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4295353b-da98-5c76-913d-7f7bc0318d43", "id": "CVE-2026-46340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46340 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db9d14e2-7501-5aff-b4c0-527a6290eedd", "id": "CVE-2026-47244", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47244 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:65a6017e-44d2-591f-9acb-8e5d93eb2594", "id": "CVE-2026-47691", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47691 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae3d4057-72b6-55e5-8bc4-a410caca609a", "id": "CVE-2026-48006", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48006 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aac2cf68-22ed-5449-9609-edd6c1ba1db7", "id": "CVE-2026-48043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48043 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70fb1e02-3b4c-511c-bc78-1e7d0ae0a3cf", "id": "CVE-2026-48059", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48059 affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31d41cd4-3985-54e4-86c6-4dbd747df0e1", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.63.Final-tuxcare.3 of io.netty:netty-codec-http." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-http@4.1.63.Final-tuxcare.3" } ] }