{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e5631225-9197-5d9a-ac95-ede0a786301b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec-mqtt", "version": "4.1.60.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:391ad1d7-a030-5052-9081-63f784e8dadd", "id": "CVE-2021-21409", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-21409 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e571c9f-3000-57b4-9e1b-af4903b7cdfb", "id": "CVE-2021-37136", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37136 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fbab42f6-f281-501a-b387-ce2f3018bc70", "id": "CVE-2021-37137", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-37137 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5484378d-4401-5763-b32d-0f10368ee266", "id": "CVE-2021-43797", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-43797 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a4d697d-9c74-5bbe-953b-0efa66553f6b", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f93793e7-23a5-5858-9936-22fda55c0d8d", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6d29173-547c-5b3c-a906-840d62565d81", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:498c659d-4e53-5a7e-acd4-8ce70344ab74", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18c5d411-ac75-5eda-99d9-97d159ec3252", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-mqtt 4.1.60.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec95de2b-5303-5223-ab41-0589cd376970", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51eb253b-08b2-5313-bf64-be328a4a549e", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6005dd4-c44a-5bea-a823-c98c92532b4e", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e02101a-582a-5ac1-b2fa-0a490090c65c", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0cec466a-5037-53cc-9dc2-1efd9f7087bf", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77379a77-716c-57b7-bde6-d65e1d563086", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72bfed5a-66f4-5aaa-95c7-bd7eedc471c4", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27e1ea7f-f58b-594a-aa43-8f92069bc69b", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b90b857-a901-5e2b-86f4-6442efbf1bae", "id": "CVE-2025-67735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-67735 is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48620dd2-9828-56c9-ac2b-d2c6543feb63", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fcf97c1-9bed-5ea2-bc41-629ccf5476fe", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e8d596f-15f8-5095-9cd6-830497966042", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60b4d58b-f641-55ae-93fb-5e2435615493", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60dfb72c-7273-5d7e-924f-0770a7c76532", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a642ae03-9377-55cb-b6ba-51d417e88c18", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b39624d0-5a5f-5808-a519-54a2e620ceef", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9e5d9bc-3241-58c7-86fb-cc4321ebb9f2", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24ac0101-93ef-5b71-b898-4d13b154d985", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bb1402b-dcc4-5f79-b430-63fae9ed47d4", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:532ea0ab-78a1-55dc-b0ed-c1f794dda1a1", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8ca78bd-4998-5af0-ba86-20504eee7a28", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a784ed5-6623-50b7-a793-0ccba2233c1c", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c895c8d-3564-57b2-9d34-ed149ad888b2", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.60.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.60.Final-tuxcare.2" } ] }