{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4a5f56c3-86e3-5e2e-afad-514722aff710", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec-mqtt", "version": "4.1.75.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5e93ddf4-14c5-52e4-a53a-4e5dd0b15aa9", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a31791a8-cd0e-5380-b54f-f4c63b31cc29", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83e0ce39-33a6-5fac-abb0-e9eb9569875b", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b91c3a22-b675-5258-8398-288786ede369", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc5daa42-4879-54a9-a5b1-331752fa6555", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b16f7e3-4d81-5901-acb7-ae60dcf08b26", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-mqtt 4.1.75.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:987cef3c-d932-5e83-81d4-6fdbb352a382", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e807b4e-2a50-5c8f-aeac-a07e565582f4", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fe77bdc-ef52-57d1-ae9b-4860436ba2c2", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0955d437-c60f-5df6-a34d-b6b224419123", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce2b24b6-253b-5abd-b976-b653501dfede", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbc80c67-3d84-524f-af50-f560768c71ec", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1908fd8b-b110-5efc-aae6-80ff7efc23bd", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4edae42e-a0b0-53e9-a0e9-0c60ca797314", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe1e48f4-7bde-5f9a-81d3-d41439321187", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:264b3940-3f72-53f2-81a1-3c07f9387753", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e57a45d5-c5d4-57af-8ca5-a9daffceb27d", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ae59131-6dc3-5e1c-b97c-f8946ec03b36", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }