{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:25c70dae-8097-5302-989b-16d5c7b4c548", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-dev-tools", "version": "4.1.63.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ca110fb4-d87b-5f4c-9093-3e2929ae1819", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:952254da-0b42-55aa-a34d-27d7af2c413e", "id": "CVE-2021-37137", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37137 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:481984ac-5954-50f7-8a48-bc048a22c03f", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6757e4d7-f411-5a43-8053-f25eb8b909b6", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e627699d-0c3f-52e5-8ee1-ff7873fb15bf", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99e8dd91-3ae4-5918-925b-6d767dd4e016", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:def425c2-cbff-5f97-8936-a502c00e6fb5", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78a8c388-112f-5016-8754-d367720140de", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7dd6878d-cf96-5409-98f2-c2c886631e1b", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-dev-tools 4.1.63.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcb04bda-bce0-5352-a660-6c938dcc7080", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d7a42e8-8b8e-585f-a449-184a76a73814", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e642c001-2915-5d7e-932b-8c1b0386434a", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1d39e03-807f-5ca9-ab1b-4a900881a33c", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5b3d57a-8b34-5eba-ad41-7f28b15e4abf", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dd26ddd-8dde-57b5-8846-ce9d321e0494", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd2d5080-0115-53ac-96f7-d4f14880fd43", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6439c0b-149b-5c55-ba08-6edd985d36a4", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0e76400-0897-576c-a8c9-a0322221f7f4", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be7709d1-653d-5974-b545-790afad8a3be", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:073ac9f6-3c51-5970-bddd-7edbc046568b", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08b157f6-2d24-5326-aab1-90084242b8ce", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:805f15b2-8368-50d0-a44d-92bc7440c66c", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9878822-c8bb-52f5-bb65-54fb01c7cc2e", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfd67c56-7647-520f-9e63-170402e88044", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11b22baa-c68a-5cd5-9f3e-8b1f920d3a8c", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24e499fc-8aff-56dc-9d15-a81fd51faa3b", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e4367a2-1def-567a-890d-d71eb6484663", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de2b81a6-8a57-563f-9648-69205f3efc24", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:955961f0-1a49-579a-88b8-aca85f520836", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:448177a3-8622-5697-b7f0-4e0c79ec46cb", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:759faab9-8b64-525e-b492-96cc4f49d848", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce4837b7-3c22-5343-b05f-15847bdde2f1", "id": "CVE-2026-44249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44249 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b8e58ff-bedd-5f3f-a1e6-8b498714a348", "id": "CVE-2026-44250", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44250 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d4926fe-be57-58dc-999c-3ef9f2f463ff", "id": "CVE-2026-44890", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44890 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4770af0-212a-5bbf-89a1-a4ef076bad83", "id": "CVE-2026-44893", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44893 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bc93336-a8aa-570c-a885-d2889fa9bd5a", "id": "CVE-2026-45416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45416 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25d37092-02bf-5c22-953f-ea1b5039fbfe", "id": "CVE-2026-45536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45536 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:026d4cc5-31bc-540a-adc9-882613e95389", "id": "CVE-2026-45673", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45673 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9d4add8-d95f-566a-9292-4d3ae9b29952", "id": "CVE-2026-45674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45674 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d3b361a-affa-5d04-8691-a1e1a61d6e2d", "id": "CVE-2026-46340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46340 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d97d9fe2-c855-5a04-8807-b283048d4f36", "id": "CVE-2026-47244", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47244 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1194325-9626-503f-93dd-ffb34425659d", "id": "CVE-2026-47691", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47691 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2871a02-8718-548e-b2bb-7fe76e393be5", "id": "CVE-2026-48006", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48006 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ec0ad61-91d6-5bb4-8008-04e2fdd9a391", "id": "CVE-2026-48043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48043 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64d2ea8f-806c-5167-9e52-b7410ec4e30e", "id": "CVE-2026-48059", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48059 affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ced8d1b-ceb7-5cbd-a028-151d2ec4661b", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.63.Final-tuxcare.1 of io.netty:netty-dev-tools." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-dev-tools@4.1.63.Final-tuxcare.1" } ] }