{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ef1b1e68-1e96-5c45-bb3f-1597f46f2757", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-transport-sctp", "version": "4.1.52.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:679e9374-6ed6-57e7-af0f-e186a819f40c", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e1885ea-d5c3-5a0a-b0fc-7444ba804f03", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d0b960e-ffd0-5b28-bcc3-c0d55c111fef", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96518d04-728a-5374-b309-3ce3c19e866b", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf5d6563-9464-512b-b3fb-3dd75a13c9f9", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdcfc358-971d-5906-bcf1-797da6b4c898", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c363062-469d-556e-8805-9f4f0a6d34d0", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b32e36a7-3f35-5497-9474-968e77ec0c34", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:877b8d0a-c7eb-5bf9-b951-d3dc66f268b7", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91d63b8e-3722-590f-be70-317af0c80459", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-transport-sctp 4.1.52.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f81a9d6-c59a-5271-ab2d-0055935cb188", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7248b973-fdb6-5340-9c35-481875bc1205", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efcf4924-119b-5170-89bc-92035b1570d5", "id": "CVE-2025-24970", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24970 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f6fca5b-df30-5575-ae2a-be7372d74327", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a6b387f-1cef-5a2a-8f9f-d209018807ac", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76fe3134-8939-5c1e-8f61-dbc68ac8ef0a", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:537ee59d-6b6c-5cfb-96ac-697aca2085ff", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c88fd875-9431-5350-a089-88c1ea0d0cb2", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2821adee-ddea-59cb-a364-bded47c80d56", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c812f420-ba0b-575b-9f94-7b620f4ffde2", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d20b0738-59ec-5e41-a0b9-20767bd25cb0", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d1663a5-3b59-5187-aa30-8b4ae1dad24c", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.52.Final-tuxcare.2 of io.netty:netty-transport-sctp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-transport-sctp@4.1.52.Final-tuxcare.2" } ] }