{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a5bf7221-6f8a-5c1d-96e9-2895349a2ff5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1", "type": "library", "group": "io.netty", "name": "netty-codec-stomp", "version": "4.1.112.Final-tuxcare.1", "purl": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a03029c3-474b-56ee-b2c7-d704a3fa1344", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d136c26c-2b56-5a11-85fe-347ab8d7f005", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46e91f36-6ec8-5f0c-bf75-7f70d72f3c8e", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ed57f7e-7988-58d1-9ce5-d040dfcd532e", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40ae50fb-295e-5e65-ba6b-3647f3eaaac6", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c316104-c170-5344-9b21-763a957a935b", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d4f70c6-4f97-50ac-a939-dc121f214e44", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf37c895-5e9f-55f8-b8d0-d1606b731151", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f578dda1-d36a-5fa5-a004-f8dd195dcafe", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6124f88d-f23e-5673-b7a6-a00368c7648b", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d330457-8313-5d8b-ac45-96d447c71fb1", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07cfdd81-8abe-5cd2-990b-c7b5ba1a7e2b", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5736aae9-c5f8-574b-82de-1f4c5f509634", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92404212-430f-532b-8f55-08e1dbe2c871", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7af1f04-cd2f-5c6f-9bdc-303482ad3c66", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:639d9eb3-cd20-5ba9-963d-613a6fc493ba", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2d4a3cf-735c-5ddb-81f0-ed5ccb0e6060", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d018ee0f-ef71-5d28-a645-27c69946e0eb", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:385b75de-dc21-5526-b24f-85d71e4f4020", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1220060f-e8d7-5ce0-8499-1e20c15d4d79", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76dab616-83da-5328-8088-3357aae95674", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.112.Final-tuxcare.1 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.112.Final-tuxcare.1" } ] }