{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:71ded787-0551-5b8b-acac-4cbae9771909", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-main", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b16b0426-c28e-5df1-8d51-b74efcf59c02", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:013f5a80-9c9d-586c-b22b-f997321c541a", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:733a43e4-7261-5a28-9ad0-72269744d0f4", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abeba92e-b90f-55e3-bfca-306e139102bd", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cba4ed7b-e085-5b92-92b6-c21526ebee24", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f8e15ca-8f2b-593e-a2ff-0f6ba47a6e5e", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:741067e7-83ff-56d4-9c49-810139b98c56", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea9283f3-9fee-5db2-9814-7668da64a42b", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cbc260f9-a5f3-5f7a-b9af-012196a0cd69", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:089d7099-f9ea-56f4-b09b-4d274016d18e", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed3a66d8-5de6-57d4-9518-4fd74750588c", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bad7dded-19ad-5b75-9eb7-0fb70599c12e", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf05e99f-ca0b-5568-8c5f-e45431af51a3", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5340129d-f981-5b36-838a-eea3ca12c2d9", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84158e8c-6d77-5c02-9c2c-7327ebcb145a", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:264bb1f4-857e-5975-8c54-fe8f2172d709", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d91ff2e-5448-5754-919a-8c1da2297479", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf6e496f-4ba1-5780-8ff0-54dbb3c2c7e5", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8848b07c-939e-5fea-958b-b043cb302c0b", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:858a62bb-6880-5f89-a6af-cef7cb0eed96", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91993b00-4d34-540a-9017-bdf1c84ffc6e", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-main." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.1.tuxcare.1" } ] }