{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:187f3f97-f995-53b4-922e-f1b8ca1f6cbf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4", "type": "library", "group": "io.netty", "name": "netty-codec-xml", "version": "4.1.112.Final-tuxcare.4", "purl": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c0508f12-889c-57fe-80b9-643438a3fda5", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77a852c0-2c43-5651-8c69-6dad36c3d196", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:977edb52-5121-5094-89d6-a09b3941f265", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34fc8a54-a19c-5d96-840b-a0bc5a1f6b45", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b81bdd9a-1c5e-5042-9868-a04f2cc8434b", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c68a0c02-f0c8-53da-983f-3186f486363c", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:122d2062-b13c-5f1e-87f5-2dd9a1f48026", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2f66c23-725d-5366-8a75-17d3fa8e78b5", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b60a3b0-ef29-568f-90aa-4545aecf162d", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae13602e-1ce5-54dc-83b4-30b1f70b0b6e", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db508877-56bb-5f69-92d3-5793ba9d0962", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1cd4ff3b-bedb-5427-aaf7-c3fb90845266", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a31679f0-4c64-51a9-abb2-c16b2f5adb8b", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76352450-bbbd-5c90-ab02-4d6280e64918", "id": "CVE-2026-42579", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-42579 is fixed in version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fcd6878f-40c3-5c7a-b751-5537dffb9618", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7007ea1d-eb33-5f6f-9b0d-96d57d5d3657", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:901df1dd-8f68-5363-bf26-82fe0bf77464", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:934c07d3-5357-5e14-9365-dce56d2f15ba", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22bbaf66-0ea7-5ddf-b815-27328c7c0496", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a02235cc-20d7-5502-a86d-2586493a6267", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ac1b468-47d6-5122-80ca-e5d9eca6f3af", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:370e2a3b-366e-52f5-88fc-5a1daeb37b95", "id": "CVE-2026-44249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44249 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8974dc4-4118-5fce-aeab-27e5d9b4e7a4", "id": "CVE-2026-44250", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44250 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c0b35df-42f8-5cb1-97fc-16631d82ef26", "id": "CVE-2026-44890", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44890 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e01900a7-77e9-55c7-a751-15e3ec9a66b9", "id": "CVE-2026-44893", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44893 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3023c5c5-07f7-555b-b64f-9e60516f1273", "id": "CVE-2026-45416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45416 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:633c3016-c894-53ea-a647-d34a32b643a1", "id": "CVE-2026-45536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45536 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ae90017-6090-5088-9bab-8a0af8f9d789", "id": "CVE-2026-45673", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45673 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:305130e4-fc1c-50b3-86bb-dbdc563d83bf", "id": "CVE-2026-45674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45674 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1d0d6fa1-d5a5-5f1a-8ef1-ae9998d98c22", "id": "CVE-2026-46340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46340 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52457d0a-2655-5998-b338-3f683131349e", "id": "CVE-2026-47244", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47244 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:031c9b7a-e24e-5c2a-b702-ee68c6b65c39", "id": "CVE-2026-47691", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47691 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:caaa7601-caa2-51e7-8276-8b94a6bd5a48", "id": "CVE-2026-48006", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48006 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5cc170bd-4821-5308-a040-0bff03de9dbe", "id": "CVE-2026-48043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48043 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e212adb-9f1e-5432-b251-ee4a89de0db8", "id": "CVE-2026-48059", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48059 affects version 4.1.112.Final-tuxcare.4 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.112.Final-tuxcare.4" } ] }