{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:62dfe614-805f-585b-a182-cf92a1e65b38", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec-xml", "version": "4.1.58.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:548edda3-059d-539c-8d64-ba4bb997a956", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:263a963c-3934-584d-be3c-94e8b985ddc7", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e2a4795-0970-5e4b-abcb-6991658f1a83", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:feafc617-b46c-5386-8645-d913c21da412", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7894960-c24d-5713-87cc-20382b6fd68e", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0860296-c9dd-5a89-a8a8-e3a6662bfa54", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a3b743b-a47e-5c27-b99e-92be1d2a36b8", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44af1308-b0df-56b8-a50d-10b6112c8dd1", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e61a600a-3b98-5a75-9b6b-ff009b09840a", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9586ca34-136f-55ba-8a8f-5e9407385a21", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05fb7d4a-f866-52b4-8375-cb5be76a90c9", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-xml 4.1.58.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37d59cb9-b683-5aa7-8baf-58b812f527d2", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ae218ab-272a-563b-8ab4-9e4356d18528", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:415591eb-ea94-52c0-a59e-69cc2d2e122c", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf518077-50ad-50c0-810f-63854d05c71f", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fa6bda9-4113-5822-86c9-145da01f8d66", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:122c3867-b09d-5ae0-a11a-0a3632c77303", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16245467-bab2-5f0c-9f60-214e4e25b2cb", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9988138b-4db0-5c96-aa48-6bdd4bea3f7e", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef39dd4b-3f88-5753-a184-8efc3b80f510", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17a61cde-35a3-5ef7-82fa-c74c735f44a9", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee0ad979-755e-5b37-8edf-916997908adc", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afea737d-61a4-5acd-a294-30ebc113e7cf", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ec68d1e-b417-5c6d-aabd-0c72bc491b96", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:630a60c7-9c6b-5525-a1fd-5a6d408df300", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cad1cc5-c76d-5aaf-930f-9644c866a8b6", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f88da219-0040-56d2-aa93-f17245f0718a", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcaf669f-5684-54c6-8614-a62efbbfc3a9", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef360c3b-370f-50bc-9c57-d6f33ee92937", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e61a7b8-3427-5172-9e04-bdc0c07e9c6b", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1256a7da-a37a-5460-8201-c1d08d3165ff", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c2e8ab4-6ab3-5f95-8a12-c9885e0fd3e6", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ca3f4da-9e68-5875-90d8-0fb8f9df78ac", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e45b104-e90e-504e-b763-fb6801c7cf9e", "id": "CVE-2026-44249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44249 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f09f41da-6fd2-53b8-b486-da0d0c4e6d57", "id": "CVE-2026-44250", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44250 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:390fcfa7-cb2e-5232-be86-5acdddcb6b24", "id": "CVE-2026-44890", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44890 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb44dbf2-fdcf-5304-acc6-fcc347ef11b9", "id": "CVE-2026-44893", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44893 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d89cfc7f-b55a-56b8-867f-6006dfd68537", "id": "CVE-2026-45416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45416 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6477b8f3-a352-5a64-bbb1-b0a21f3a47e8", "id": "CVE-2026-45536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45536 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04785045-40a6-5e7b-becd-6e5dd3cce7a9", "id": "CVE-2026-45673", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45673 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e7b74e8-328c-5f8d-b980-ca7340702588", "id": "CVE-2026-45674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45674 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5db5209c-a7de-5a07-af80-cb67648889b8", "id": "CVE-2026-46340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46340 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90c485b5-c6b1-5ed1-947f-7edd2ccf8713", "id": "CVE-2026-47244", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47244 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5673f51a-2896-5f3b-b18a-9b97a5c3bddc", "id": "CVE-2026-47691", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47691 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:449ec1d8-9118-53d2-a123-e28288bbce87", "id": "CVE-2026-48006", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48006 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ed39787-cc62-53de-a8a8-a5ac69c68399", "id": "CVE-2026-48043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48043 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e54f106-d1ce-5f4b-9357-2b49ad20ee8f", "id": "CVE-2026-48059", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48059 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69403dd0-4e36-5b6d-b024-5c4a12fef068", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-xml." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-xml@4.1.58.Final-tuxcare.2" } ] }