{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:260920c5-54b8-5507-a759-bc8cfa22bcee", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec-mqtt", "version": "4.1.82.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4adc1ac4-9932-5557-aa71-a49be3598eaf", "id": "CVE-2022-41881", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-41881 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb414ab5-64fe-533e-aa06-bafa3ebccc62", "id": "CVE-2022-41915", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-41915 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecb8df65-06a1-5c37-9602-a3d5364773db", "id": "CVE-2023-34462", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-34462 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46280797-c9d0-56c0-ba3d-880ab04cb14f", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2a5540a-ff9b-53e6-a328-37c4600f3f8e", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec-mqtt 4.1.82.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7337368f-9182-536d-8c3f-f8b8e79deba3", "id": "CVE-2024-29025", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29025 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2331ac79-1bc3-55d5-af1a-9d3b90762e12", "id": "CVE-2024-47535", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-47535 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:009210ab-7b1a-5b53-b46b-d16808af23dd", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5696bf4c-78e7-55ed-9814-b0e25aa5fe45", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4cb2381-29e3-5de2-940f-0386a0381ab5", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bc8bcc8-d96a-5fba-a5f0-8e7e60476d76", "id": "CVE-2025-58056", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58056 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12ed269b-0700-5b4f-804a-d7ddb2ee36bd", "id": "CVE-2025-58057", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58057 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b80662fc-459f-5ab4-8056-433243b568ef", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2645b60b-7149-54ba-90b1-69c650880d4f", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5e21936-168f-5379-88ef-e83f524ff39f", "id": "CVE-2026-33870", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33870 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e127a0af-d2da-56a7-b25c-3d77976b9ae2", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:febeba74-201c-5959-b509-4a6a91d0718f", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9f13801-d541-5d5b-b3c8-b2e17ef5e42a", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ced3fa26-1244-5883-a3bc-11e00fbdafa4", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10acdac4-a0ef-59ca-980e-d6e72c5d45c3", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73ba5130-9795-570b-ae50-489c71e16ecd", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35ac60b2-7c3f-5fe9-8e0f-5953f03ce862", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18c9f427-4b7f-54fa-a9cb-0b99f6484bb9", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f14779fd-2df3-59b3-9125-4ba8dfa78635", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1867441-7007-5ea7-ac52-b7239c5a5831", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abb985ad-68b8-51d4-ba1f-c5924ec06b42", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65bef4b8-0a01-5f87-8735-a901be012318", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca8561a3-2edb-5e1b-a588-a8d4ee81e62b", "id": "CVE-2026-44249", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44249 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc44abfa-7385-54cb-8152-b4a6e686b5a7", "id": "CVE-2026-44250", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44250 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a01a5a8-2344-5aa8-ab55-6299c5528388", "id": "CVE-2026-44890", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44890 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e67d6f32-109a-5a12-a543-42d6e036ce9f", "id": "CVE-2026-44893", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44893 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a63a24da-40e0-527a-a645-af822c17a2d5", "id": "CVE-2026-45416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45416 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a918ecb-10f6-55c7-b7e9-16f4dc65f709", "id": "CVE-2026-45536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45536 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:504104ad-16b4-5a40-9f6c-dcbdbc2dfc18", "id": "CVE-2026-45673", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45673 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:693be9f7-dccd-51a6-bc73-b50ff40b2048", "id": "CVE-2026-45674", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45674 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:420792b8-7c1f-5f49-9aad-c37ad483a96d", "id": "CVE-2026-46340", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-46340 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3047cbb0-d6ff-576c-8c3a-1aa9d7760aad", "id": "CVE-2026-47244", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47244 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:772ff6ea-be55-5aaa-bddf-0ada9ca2ada2", "id": "CVE-2026-47691", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-47691 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a0cdad6-9ef7-5b1d-8448-d8d9aa9c9a4b", "id": "CVE-2026-48006", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48006 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c4bbd95-38a3-5b43-9ff8-31e8aa6df6eb", "id": "CVE-2026-48043", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48043 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44ef6586-294b-5135-bc8b-ee1f42caffd8", "id": "CVE-2026-48059", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-48059 affects version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9bde046-c0e9-5377-afb2-c3538b82e60a", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p is fixed in version 4.1.82.Final-tuxcare.2 of io.netty:netty-codec-mqtt." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec-mqtt@4.1.82.Final-tuxcare.2" } ] }