{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:80fb9e1a-df99-549b-8a55-38632e430603", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec-stomp", "version": "4.1.48.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7eb2b361-39d0-5742-8c00-cd7e3f749300", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8cb006c4-d6ea-53cd-bdcd-f6e657db4628", "id": "CVE-2021-21295", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21295 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0a60419-9603-5d3e-bb4d-b5c9b99b39f7", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8749bb4e-c5dc-5c59-93d4-1bfe81dc311c", "id": "CVE-2021-37136", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37136 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fed9863c-06b4-56fb-9bee-c75545b3a608", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd67140c-ee7e-5aa6-b532-ead62855db9f", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7c02f72-aeed-5526-b577-db81d9832044", "id": "CVE-2022-24823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-24823 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23d88795-6b2a-50b7-bb40-6a8af8165f99", "id": "CVE-2022-41881", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41881 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96144fe6-3656-5351-91ab-ab8771414169", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:908c86f7-d14c-5214-9ab1-b961b017bd98", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7130a061-8e23-54cb-9e0c-2762709c20fe", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2c02d5f-a7d6-5b4e-a4d4-d928449e225f", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-stomp 4.1.48.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a414bf1-1e71-54c8-8967-0b054586e367", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff4fdc12-87cf-5574-bf0f-e0e548db9ebc", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8cb56ac-9ed4-592c-85e0-d20182c6450e", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aeee3eec-e8ac-5d25-a05d-f6c8a8dc9385", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d611c05e-f737-5396-a64a-9180b0973a64", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f291f04-8801-5d04-ad91-df393792c549", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9417c3db-28b5-524e-9349-b62e4a31ee74", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83c05e32-9892-5081-9bc2-fcea59e965d2", "id": "CVE-2025-59419", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59419 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7bc7790-189a-5a23-b1d5-61946385235b", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c658dce-c6a1-5e70-adf6-b67290ef8f13", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d8c9a59-8988-504c-a167-3ac263c15996", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2b20e31-3148-55c9-a547-3001267e5bf2", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.48.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.48.Final-tuxcare.1" } ] }