{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2a414351-16a6-5dce-973f-4385810e202e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec-stomp", "version": "4.1.112.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a03029c3-474b-56ee-b2c7-d704a3fa1344", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d136c26c-2b56-5a11-85fe-347ab8d7f005", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46e91f36-6ec8-5f0c-bf75-7f70d72f3c8e", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ed57f7e-7988-58d1-9ce5-d040dfcd532e", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40ae50fb-295e-5e65-ba6b-3647f3eaaac6", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c316104-c170-5344-9b21-763a957a935b", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d4f70c6-4f97-50ac-a939-dc121f214e44", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf37c895-5e9f-55f8-b8d0-d1606b731151", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f578dda1-d36a-5fa5-a004-f8dd195dcafe", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6124f88d-f23e-5673-b7a6-a00368c7648b", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }