{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b66c6165-6dd0-54cc-a7d3-cdf1006a8be1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-hdfs-httpfs", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:312c284e-033a-57a1-8790-ea6f7fde6346", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77fb68bd-84af-54fa-955f-6076bc393d6a", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce3538b1-1337-5b15-9ddb-e391dc9862ee", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f027922d-b1bc-58d8-899d-81f4e300be15", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a1bc886-3997-51fd-838c-8e8a0b72390e", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce0c6e34-3b22-5ddb-929f-97c2d610be44", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44f90315-4616-54d5-81a8-fbf9f2d2abf5", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09370d2d-ebf7-5a90-9560-3ccceb92e3cc", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a738c4d1-9071-5e00-8507-0335d78ae356", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9679b37-1e8f-5429-8e8c-0c34ce231c91", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be3dfa49-d267-58d3-a3fb-0bd8e6adb987", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00e3dc4e-346b-5be7-8850-77d421e26ccf", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b594fd61-8dea-5e69-a51b-aaae29e89dd5", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:120328da-d821-57ee-98ad-fc409b4f5df3", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4084e35-6aac-55c0-8101-a0e799203b5d", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2eb0b323-865c-502e-837f-93eda9305edd", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c85aa39-da63-500d-a4df-ef8cefdcccdc", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82088adc-e0ad-5987-9397-5c8e99ee4c40", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-hdfs-httpfs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-hdfs-httpfs@2.7.3.tuxcare.1" } ] }