{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e84e76c1-35d9-561e-8c1c-a8eab09b4858", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-auth", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6301294e-22e4-542e-9ff3-8e997b9ec771", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:267f60f6-e936-5fb5-be2d-7e5f37b8ac65", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be457c8f-0938-5d03-a4a7-0f17a5520fd2", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:412ab1ab-1944-52b6-8d29-ca6db5815523", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbfd5743-a5c1-5f92-9359-d1cda56684ed", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee40da96-1235-5bf2-927b-cb5870406d00", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3cb4f04-c66c-57d5-865e-098a3c8cf208", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cbfe3a8-b859-5e4c-bf6b-a2af8d18bbe3", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14c547c1-fd70-5b56-95b5-610470b82c47", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71443bac-5287-577d-be6c-8789ddad2420", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:075e9be3-dad9-55ce-8814-6b3f0024d9d8", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db97111b-e2c9-5446-9833-e0850ee09237", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cafdc160-daad-5ea0-96e0-6f151b5116c2", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94a7d67d-1f61-5be8-bf9a-e0b0181a4721", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4930334c-c64d-51c5-90b8-a7086eabf99a", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6db72924-b3b3-5b16-8d74-14c1e0b9cc33", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07ae2edc-f56b-5500-ac71-971145668dd1", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08927f8f-e81a-5ddf-911b-01f25a965741", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:026261de-f1d5-5e56-8cee-75b577670a21", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f4f96fc-813b-5aa4-a48f-61ef65544652", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23f5ce38-4121-5822-998d-f666a9180288", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-auth." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-auth@2.7.1.tuxcare.1" } ] }