{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4e2cc612-5d69-5885-913f-15febc7d2493", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec-stomp", "version": "4.1.75.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a4640965-6ab6-5681-8a06-ca10a9595cea", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6fba969-590a-5abc-9b0e-05d78670eab5", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33783e7c-90e2-5f27-a353-346b31443d1a", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d2fc0cc-1aff-5cc9-aa17-b90900485660", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33bf8251-b228-52ad-927f-66d63488554d", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cec02864-fa7f-5394-8777-da8a30154d22", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-stomp 4.1.75.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a38f33b-a772-523b-b079-714de9a13452", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:780ad361-04ec-5e7e-98c7-8f0f75bf9ab5", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4339686-a3ec-5e8e-9c85-ac4fcad2ee01", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ae37850-c621-56eb-b4ed-63034e782f92", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3640c3ac-c416-5be5-b51b-aad52def3ad3", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:286cc9a1-7ea9-57a3-96b6-91841b5d91f4", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90504a4b-669b-5fd0-8429-55d33efae5d0", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e37c9ccd-3eea-5ecd-9656-413d277e9385", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce9683b1-6481-51c0-89cf-540c800b7a42", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07317c3d-41a9-5ae8-a5d9-ea2ec035e9d5", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a4b9992-39e6-54cc-a072-1c65285c1ed6", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:932f8f93-090e-5858-86c3-cb4ddbdc23a9", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.75.Final-tuxcare.1" } ] }