{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4b499daa-57bf-5d27-ba7c-67693e5125c8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-datajoin", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:afc2c5fa-3242-5d61-b3a1-9422a305f975", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c2d9cac-64a5-5fda-8ef6-c74584bad0d0", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6227b5a9-7c9f-5740-8824-94d3bdeea1d6", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:253d8c15-b9b9-57cc-9e7c-96fae11d3d74", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05c4ade5-9f9a-5b14-8dc0-a30f2ce99952", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfaeac28-d06d-598b-a033-67a251323fd4", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2ec4a52-d607-591b-9a1d-6f5735421eff", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32d58ce7-4ca8-57f9-a791-b3db93b47d87", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a8aacb3-e9a5-53cb-866e-89c8e8537221", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:616d52a1-adcf-50c3-aa26-f231b8e5e2b5", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f3a56f3-042a-5921-833f-d05a53136b18", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e8803d4-0e3d-51e6-92a1-7adb378f2f6b", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7af49449-e5aa-57e7-bb06-616f36a3a9e4", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a659284e-51b0-59ab-92ea-d5f83d197aeb", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3121d3f3-6769-5a63-a4eb-ad71c27ab7f3", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f787796-f260-57e8-a885-df0d9f5a3e18", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a808b2a-9343-5719-9254-e08c3e358464", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32cc8b0f-c816-5b0a-b9e8-4baf1317df6a", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-datajoin." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-datajoin@2.7.3.tuxcare.1" } ] }