{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1ddea56b-d8d0-534d-8a81-4f4b55cb9f83", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-distcp", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6c20cd99-ab8c-5eb0-a015-5ce4f325ba0b", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ccd4f1bb-d5ce-536d-85fc-961a744d172d", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1781a426-bc95-527f-8103-30a124b4383d", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e4ef870-283b-576e-a163-22a723198167", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:205dc394-bca5-54bc-8209-e2272c08fb9c", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f4c69b3-2cb6-5150-bfa1-bd118bb03d13", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:170aae34-d990-55b2-8bb4-60c83f4463d9", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3b65ad6-e888-5e19-bad7-9e77c2ba945b", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89799501-80cf-5bd6-a852-f15fe98adf18", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:425b300e-bd68-5bc1-a7bd-98b758d748ee", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f17a6ac4-ae8e-5b72-ba2a-88d298f3fbdf", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fa15cd9-332c-5b10-8e4f-d30c9f9ad76a", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f9fa213-0232-57fe-9348-7b02c35cefcf", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d09cfe85-6ccf-5c95-b992-401b992f26f9", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ecd1d5d-c525-5f82-bca3-e5c7188c33b2", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7400a44-0de5-5318-83e5-10c69614bebf", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84fbc51f-d1cd-5718-a62f-c3cf4d30c46f", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8efea580-36eb-5f59-b707-50a0b6ef5507", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-distcp." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-distcp@2.7.3.tuxcare.1" } ] }