{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:654de258-eab0-5520-9e73-bc629d659170", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec-mqtt", "version": "4.1.75.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5e93ddf4-14c5-52e4-a53a-4e5dd0b15aa9", "id": "CVE-2022-24823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-24823 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a31791a8-cd0e-5380-b54f-f4c63b31cc29", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83e0ce39-33a6-5fac-abb0-e9eb9569875b", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b91c3a22-b675-5258-8398-288786ede369", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc5daa42-4879-54a9-a5b1-331752fa6555", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b16f7e3-4d81-5901-acb7-ae60dcf08b26", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-mqtt 4.1.75.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:987cef3c-d932-5e83-81d4-6fdbb352a382", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e807b4e-2a50-5c8f-aeac-a07e565582f4", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fe77bdc-ef52-57d1-ae9b-4860436ba2c2", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0955d437-c60f-5df6-a34d-b6b224419123", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce2b24b6-253b-5abd-b976-b653501dfede", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbc80c67-3d84-524f-af50-f560768c71ec", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1908fd8b-b110-5efc-aae6-80ff7efc23bd", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4edae42e-a0b0-53e9-a0e9-0c60ca797314", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe1e48f4-7bde-5f9a-81d3-d41439321187", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:264b3940-3f72-53f2-81a1-3c07f9387753", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e57a45d5-c5d4-57af-8ca5-a9daffceb27d", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69d21d38-4980-5406-bf29-d0762c8719ed", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ac9289f-ddfb-5e0c-b8c3-729c0ad256a7", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5628049-b220-574b-b32b-a6ec8b3b5c3d", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28df379a-b0a9-5523-9cce-78266ac5638f", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c69733b1-e7de-503e-af5b-ee6c7a957c8b", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c2cdf01-16ea-5b64-a510-fd4ac3e07020", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:172ced9d-83a8-506c-aba2-bb2214e1c341", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b193a5e1-12c1-5d2a-a614-a226e4ae47e2", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb139c30-a152-5489-b39d-f4091959e036", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8bfd358f-8054-5785-b79e-d38729b2a95a", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44086d80-6403-5a70-bc92-be9a4a9bfdea", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ae59131-6dc3-5e1c-b97c-f8946ec03b36", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.75.Final-tuxcare.1 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.75.Final-tuxcare.1" } ] }