{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c72de098-f356-5d46-a1af-025363ad01e7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.112.Final-tuxcare.3", "purl": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5aa151c3-bf37-51c5-9e1e-8ec57e1d7e5e", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38c62743-9b8d-5f32-b528-aefe90844869", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66ec5797-a462-5ba5-ab5b-423dabea7c27", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0b0aee8-2ae6-5224-afdd-cb3220e6f92e", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c93c8326-9f94-53ea-8478-570c75987bbf", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d52052af-8c04-5041-86fd-eadc5eace9e3", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e01f28c-e140-594e-895b-858fc8110755", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:64a0b1dd-40dc-5a91-9cdb-c9d1de55b3d9", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5253767f-800b-5c5e-8a1f-195172e488be", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c832e827-5b02-5319-87e1-2ee70a8b5115", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.112.Final-tuxcare.3" } ] }