{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:547d9c1f-e2b2-53fa-b1c0-ba0dc0afb191", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec-mqtt", "version": "4.1.82.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4adc1ac4-9932-5557-aa71-a49be3598eaf", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb414ab5-64fe-533e-aa06-bafa3ebccc62", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecb8df65-06a1-5c37-9602-a3d5364773db", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46280797-c9d0-56c0-ba3d-880ab04cb14f", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2a5540a-ff9b-53e6-a328-37c4600f3f8e", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-mqtt 4.1.82.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7337368f-9182-536d-8c3f-f8b8e79deba3", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2331ac79-1bc3-55d5-af1a-9d3b90762e12", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:009210ab-7b1a-5b53-b46b-d16808af23dd", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5696bf4c-78e7-55ed-9814-b0e25aa5fe45", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4cb2381-29e3-5de2-940f-0386a0381ab5", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bc8bcc8-d96a-5fba-a5f0-8e7e60476d76", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12ed269b-0700-5b4f-804a-d7ddb2ee36bd", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b80662fc-459f-5ab4-8056-433243b568ef", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2645b60b-7149-54ba-90b1-69c650880d4f", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5e21936-168f-5379-88ef-e83f524ff39f", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e127a0af-d2da-56a7-b25c-3d77976b9ae2", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:febeba74-201c-5959-b509-4a6a91d0718f", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9f13801-d541-5d5b-b3c8-b2e17ef5e42a", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ced3fa26-1244-5883-a3bc-11e00fbdafa4", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10acdac4-a0ef-59ca-980e-d6e72c5d45c3", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73ba5130-9795-570b-ae50-489c71e16ecd", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35ac60b2-7c3f-5fe9-8e0f-5953f03ce862", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18c9f427-4b7f-54fa-a9cb-0b99f6484bb9", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f14779fd-2df3-59b3-9125-4ba8dfa78635", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1867441-7007-5ea7-ac52-b7239c5a5831", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abb985ad-68b8-51d4-ba1f-c5924ec06b42", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65bef4b8-0a01-5f87-8735-a901be012318", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9bde046-c0e9-5377-afb2-c3538b82e60a", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }