{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8949df47-4dda-5c4b-b78b-78eab960f3c8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3", "type": "library", "group": "io.netty", "name": "netty-codec-mqtt", "version": "4.1.112.Final-tuxcare.3", "purl": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:88700052-ffac-5590-af28-38dcbbf96dc6", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b18d30fe-2bc2-50cc-9a7c-e7cea37ddb19", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:674f0f6d-f85f-5780-b33d-eae8bd658936", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b551b409-9413-5888-9a19-aa6a5471c0d1", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9bede20e-a175-5cf1-a2e7-646d67c32f3c", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63229995-c022-5722-84ef-0d381c4ad7c6", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2f4db5a-eb28-5baf-9a2e-687b01f6b515", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb52a139-1750-5f6d-9229-9ffd1e5cd55e", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:909452c6-bf0a-5117-b35a-9037ed74acd0", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b01886d-cd56-5159-8444-15ecd5baa0ae", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.112.Final-tuxcare.3 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.112.Final-tuxcare.3" } ] }