{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3f791024-985b-5820-bcda-8d4afe5c7339", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec-http2", "version": "4.1.112.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e74a219a-60ef-5c82-ae87-727efef9e95e", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4b3cbe3-1f65-55e6-9f8e-faa50f3bdf8f", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efad490c-0a21-5a71-a0a9-f6db6e452235", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:058aa271-264b-5863-b0ce-bc9f4d0d219a", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7eb7b50c-375d-58f0-89d7-f395bb2b682e", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1be6cd8f-5380-5608-a824-4db3e8578648", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c041249e-4e2c-5902-b2df-39e26ba4b808", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b40d3a2-0af1-5f83-bd83-3da4fd38413c", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc6f2100-9139-50cc-a554-2dab564a1db5", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b50d3c50-2857-535a-bca9-1745783dbe6d", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85a7fe67-2564-5c6b-bbe0-f3bac36b070e", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ebd52519-c371-5371-8267-390ee0a31294", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9004b09-9e2a-5314-95e5-f578d5fe1899", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4da48563-19b4-56bd-8e1f-22e0243e5f10", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43abd7fd-48cb-5721-960e-2af4e8a24bbc", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5cfc2e5-d0f5-55eb-845b-9ce178f6bb36", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7c25280-4a8a-507d-ae46-21134ebc4206", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2c1f078-8710-5a85-8d92-19e2adabf20a", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5b4115a-fb06-59c9-9dcc-67a45ac4cfbd", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8dfb20d-2205-51a3-bdb3-2dd9ffdef3aa", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b4321c4-244d-5bc3-a127-fdf520ece48b", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44626371-f221-5984-960f-f33f4c9207b1", "id": "CVE-2026-44249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44249 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b391e4d2-251a-5fac-aa71-0bad9810d7fd", "id": "CVE-2026-44250", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44250 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24d34708-a21f-592a-9a9d-a530bec66c1a", "id": "CVE-2026-44890", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44890 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2c8a841-4e42-5738-9b27-dd3c521e34a6", "id": "CVE-2026-44893", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44893 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d535955d-b370-52cd-b66f-5a459e08a27b", "id": "CVE-2026-45416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45416 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18bd16d1-ffc5-5050-9c0c-f880b6d82410", "id": "CVE-2026-45536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45536 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ab9f3ee-ef8f-51c7-a74e-4b5d6ea64d69", "id": "CVE-2026-45673", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45673 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fd127b1-6f8a-56fa-b397-ebb314cd5066", "id": "CVE-2026-45674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45674 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07e6ff18-4609-53e6-98d5-79ed9d26e45a", "id": "CVE-2026-46340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46340 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20a7ee64-7bf1-53fb-90c9-78443e7cd106", "id": "CVE-2026-47244", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47244 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f639f7f-56f3-5443-a7b0-c93e639d875b", "id": "CVE-2026-47691", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47691 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d908f3f-e5fd-571d-b08d-316481935159", "id": "CVE-2026-48006", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48006 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee61b51d-391b-58b0-89a7-08181706aca1", "id": "CVE-2026-48043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48043 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:234e5473-0c64-5511-892d-c1d29c9abc31", "id": "CVE-2026-48059", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48059 affects version 4.1.112.Final-tuxcare.2 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.112.Final-tuxcare.2" } ] }