{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:e8bc21dc-0700-58e1-bcd2-dc5d51d6f6b3",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1",
      "type": "library",
      "group": "org.apache.hadoop",
      "name": "hadoop-main",
      "version": "2.7.3.tuxcare.1",
      "purl": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:62bca6ce-4443-53b0-bd93-5fb572f943bb",
      "id": "CVE-2016-6811",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e6ae715e-98fc-5cb5-9477-73dfb0fcd90f",
      "id": "CVE-2017-15713",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a803802f-67b9-5605-b2a3-ff8ce8fe90e3",
      "id": "CVE-2017-15718",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f8a9715f-f6ff-5c1b-9e9c-e763b14e0216",
      "id": "CVE-2017-3166",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:303aac1b-6238-5dab-afe4-434346ce38f6",
      "id": "CVE-2017-7669",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9688094d-6c2b-5ec3-8795-8167616a0b7b",
      "id": "CVE-2018-11765",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:74cd58a4-3ec4-5e7e-aa08-40adeaa47e84",
      "id": "CVE-2018-11766",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:19ba3f15-0887-5813-b3a1-ce9dd38662e7",
      "id": "CVE-2018-11768",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6ad7c6d9-70bb-59ba-9807-a0c58bf5101a",
      "id": "CVE-2018-1296",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b023bde6-bdc7-51bd-804c-34567e56c9ae",
      "id": "CVE-2018-8009",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eba78e59-7587-5d14-ab1b-0313281c6558",
      "id": "CVE-2018-8029",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a23152fa-fca7-5df0-ad94-dc366378ffa4",
      "id": "CVE-2020-9492",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6928a8ae-ce91-593e-86c8-7d57b71c9b63",
      "id": "CVE-2021-25642",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2c8a1b29-196a-5462-a116-8c4c28b553cd",
      "id": "CVE-2021-33036",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:26ac3b42-8327-5004-9756-3114ef636ef5",
      "id": "CVE-2021-37404",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:209d1723-2484-5a70-b59e-07bf12e042c1",
      "id": "CVE-2022-25168",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3c7fda95-c2be-5e2e-8813-dc61477ed5a3",
      "id": "CVE-2022-26612",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0037611f-83de-50a0-a9f8-162c6fc48351",
      "id": "CVE-2024-23454",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-main."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.apache.hadoop/hadoop-main@2.7.3.tuxcare.1"
    }
  ]
}