{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5cfdbaa6-f416-5c46-acd6-27a819248b7a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3", "type": "library", "group": "io.netty", "name": "netty-transport-sctp", "version": "4.1.112.Final-tuxcare.3", "purl": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b82f8ac5-a027-536e-9d7e-d167f5649c64", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60baceff-7760-596e-a6c6-365490a4e520", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8150ec24-5e30-565d-bc9b-796e814de9c7", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7cf9874-663b-5563-b0e5-256d797b1328", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ccf3f919-f627-5b97-9f09-1439c95db4f1", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6067b927-157e-5d09-badd-8ec257957e1a", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e89996e-f324-5005-8f00-a1206462a740", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbb81f3e-30fd-5b57-8d60-ee3680c24e4e", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bea6d193-1f65-517a-aff5-04a1dffe40f8", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7b6ed20-b3a7-5074-9592-e5697b4fe27c", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.112.Final-tuxcare.3" } ] }