{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5828edd2-a820-5646-9fce-b6264774145f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4", "type": "library", "group": "io.netty", "name": "netty-codec-stomp", "version": "4.1.115.Final-tuxcare.4", "purl": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:74a3b6a1-c918-5bfa-ad63-4d98579f6d04", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ebc8b9b-7acc-56a8-a2ef-44fa874298c7", "id": "CVE-2025-25193", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-25193 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77db5c65-4bbb-5ac9-a90d-1da9d9db9783", "id": "CVE-2025-55163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-55163 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d1216c8-296d-50f6-9bdd-d82a8d0b20b8", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f6c14e8-d930-5e84-ab9e-4cdd723bc1b4", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6036045e-10dd-53a8-88b7-9d32fe72928a", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:19c7a613-96b4-5f67-9afa-a25dc6fd7702", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf7f00a4-cfb2-527d-ab04-bd6374436031", "id": "CVE-2026-33870", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33870 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:563ef4dc-24c4-5b10-af49-4fcacd1880a5", "id": "CVE-2026-33871", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33871 is fixed in version 4.1.115.Final-tuxcare.4 of io.netty:netty-codec-stomp." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-stomp@4.1.115.Final-tuxcare.4" } ] }