{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b4fad8d9-e5bd-5cfd-8e61-7402b5c161f3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec-mqtt", "version": "4.1.58.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:51817288-feda-553c-8304-c4843428d8e2", "id": "CVE-2021-21290", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21290 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e9c1a9b-40c7-57c7-82bb-f3558f00591d", "id": "CVE-2021-21295", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21295 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cd9e4ab-83d4-5186-8fcc-a9b04a33f911", "id": "CVE-2021-21409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-21409 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10312f5d-0d78-518b-bf77-1688e7755da9", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d254c5d-31ec-5cb8-bf73-03b62bd669d1", "id": "CVE-2021-43797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-43797 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e774bfb7-7f2e-5b8b-adf0-e35c0b4b0708", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f92027be-908e-5fff-b82f-4c4fa71c5c1e", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d178dde4-bb32-5294-9c36-e8140067dfd8", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19d67e7d-0646-505e-bd17-0f0877eae0e7", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a47d20b-9443-5098-b82e-9a9716ef6c90", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-mqtt 4.1.58.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f54ae002-9a50-5ec9-808d-a4b26cca99b2", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8dae56d-020f-57b8-93a3-690e72035e59", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ff79785-7304-5750-a76c-29dcc295609b", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf55fbb4-400f-5eb7-8d85-df06ddbef3b4", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b305ca1-ea20-5ba7-84a9-8172ff6b0b8f", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a975f707-30a3-5a2e-8036-83660db73c90", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aae80f71-f0ee-5559-ad1b-8f4c7a001980", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4115bd0e-2d18-599f-9f59-05fc282f02e7", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:003b077a-edf6-5515-955c-0c15f6e35fd4", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79aa6c41-e39a-5c86-a00a-fea35c0ae255", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2aed3678-c973-5e00-b2f9-0926c2a3ab82", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1ecdacf-0c19-5631-9e77-e6d5ccd13d5a", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:778e1e0b-6b28-577b-9496-e871e0ce3949", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12fa0fb6-6899-5855-afc0-9c2a01937d31", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b967f57-02a5-5e28-b6d2-cb6c5b6398e8", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89b8a885-0201-5a07-ab40-346a99f8c8f6", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5af87bca-f1cb-5bce-a68b-4d90ca77b94b", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4db75994-4ee6-559d-86a9-dced99b7a4d2", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3489617-5eee-5174-980d-e999befe3f8f", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecea2037-e8b2-586f-b8ef-da31b5137297", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6e5847f-6635-559d-9522-1675aac7ff36", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f6d5d86-b350-503f-9382-9511de40a455", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd615d6f-7592-50a8-aafa-8ab431570891", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.58.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.58.Final-tuxcare.2" } ] }