{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5c120fd7-0156-5e5c-bdd9-e1dd98bd633b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-mapreduce-client-app", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cf714be0-f4d4-5467-a720-ed43c8ceb49f", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6cfd7399-c228-516d-a9b1-4644f9591f95", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:429d8845-f08b-50cf-8def-ca30c21d887f", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:158e5192-5a3e-5b89-bf7e-a9bb5571de62", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8121eb68-bd5f-5631-8a2d-c0a83576e413", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b2e3d6c-330d-5c72-ba35-940d3fc1e30f", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6ad2d74-250f-5ee9-b209-c6baf899d83f", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32211430-9ff8-5747-88c4-ac1584a2b401", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de899185-f11c-5203-bc90-513ca1735970", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffc8400a-015f-501a-b0de-5916d7c28790", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86cc501d-10f9-540a-a8d7-0196949d617b", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9217ac39-17e7-5d5f-8a0b-f77b4231cd69", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1794af13-887c-5f2d-909d-4a3649fbc405", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:955ffc7a-dea2-5b96-a7da-c11dbec7f734", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c522a8b-d69b-5148-ada2-6f554c12652f", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30e3de09-1fa0-5c55-9544-0cfc8a228d65", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a4b8749-4fe0-5d7b-83d9-7ca5f4fd2cd8", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85d5e3e8-2390-5b5c-85c3-480f610d83ad", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6bf30963-bc30-5a59-ac08-ba265a300618", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8da49ad7-65a1-5ced-9cb3-2d3feb3d5559", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a27510de-ef01-5462-a79a-dde70297191a", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-app." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-app@2.7.1.tuxcare.1" } ] }