{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d8995fba-43bc-5c4d-ba6f-840971d17544", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6", "type": "library", "group": "io.netty", "name": "netty-codec-http2", "version": "4.1.115.Final-tuxcare.6", "purl": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5edf9db6-1875-5107-9f35-34917b1a2e4b", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9323bbbf-058d-53cd-b63a-718fba83c0a7", "id": "CVE-2025-25193", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-25193 is fixed in version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2c024301-86c2-5af0-b8de-07fa960eb269", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e1b008c2-2fff-56fd-8aa9-6ae8b952ba4f", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:64e22184-a1b9-538b-aeb3-27cc3fb5d335", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:92454bbb-f6c6-52bb-b80b-03e1f40622d6", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d17bac1e-a885-5f9d-bf65-c3b61448887b", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5280739e-b1d7-53b8-a077-affea7f42b9e", "id": "CVE-2026-33870", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33870 is fixed in version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:37b37032-da8a-5bc5-b080-c35b7662e33f", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:22cc025d-e549-5e71-a13c-e5964d53fc71", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0b216845-8db3-55d0-bb34-e1e978439228", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d48ce410-9208-587e-ba26-776f0c51b5a5", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7bf49299-ab9d-5af9-80a3-9f13bc5e4be6", "id": "CVE-2026-42579", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-42579 is fixed in version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0431a948-142c-5e2a-a423-841515de8cb7", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f97527fa-76f3-529c-b3aa-8510577ead6f", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1431aa69-74f1-57ab-928e-ade6d2daa75f", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4d8831b9-abda-5f73-9404-4e0565cbd5a7", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d61d152d-cc00-56a2-be8b-e728dcd716a5", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b6e5aedb-92a1-5872-9ac4-319ee60fc0f0", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d2a6421f-2f25-5d47-a820-f6ab67bc2bd7", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a2394866-c8f3-56bc-b662-5f4051706f55", "id": "CVE-2026-44249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44249 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:87686bfd-d5fe-5981-9d42-c43912803dc1", "id": "CVE-2026-44250", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44250 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a623b3f7-0eaf-5df8-8c40-f61c671b9701", "id": "CVE-2026-44890", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44890 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:439bb1df-aca6-5bdd-952b-ba0b252539de", "id": "CVE-2026-44893", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44893 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fcfff4b7-17ec-5325-bb8e-b89d4e89d746", "id": "CVE-2026-45416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45416 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:aa74c733-d75e-5feb-a221-477e226628f4", "id": "CVE-2026-45536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45536 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e05c84c5-df7e-554f-ade9-4806e468a064", "id": "CVE-2026-45673", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45673 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4805a6a8-1eef-55c6-800f-0d58a830e973", "id": "CVE-2026-45674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45674 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d0190f62-a9ed-5a71-b23e-e8b9ad50dbee", "id": "CVE-2026-46340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46340 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:92b1d216-ea92-5201-93ef-5595e445680b", "id": "CVE-2026-47244", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47244 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:052ee331-db3c-53ec-abdf-5285c66d095d", "id": "CVE-2026-47691", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47691 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9510393b-a59b-501d-913f-51e30d6b97c4", "id": "CVE-2026-48006", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48006 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1f57bcef-68df-5dc1-a1ab-e00b361bceca", "id": "CVE-2026-48043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48043 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3cc90bb4-af5b-536e-bd92-97d23c4333bd", "id": "CVE-2026-48059", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48059 affects version 4.1.115.Final-tuxcare.6 of io.netty:netty-codec-http2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-http2@4.1.115.Final-tuxcare.6" } ] }