{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:70465cc0-9848-5ec2-af8e-9fce4ed0d07a",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1",
      "type": "library",
      "group": "org.apache.hadoop",
      "name": "hadoop-mapreduce-client-common",
      "version": "2.7.1.tuxcare.1",
      "purl": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:4f96cdd0-18f0-5276-819b-44d01f466cb1",
      "id": "CVE-2016-3086",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5b3a64eb-e6c5-5a14-b2db-dbd22f953408",
      "id": "CVE-2016-5001",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:203b22f9-5a42-593d-8505-2966a4bdfaa0",
      "id": "CVE-2016-5393",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9e40ac32-976a-5986-a471-6f157a9febf8",
      "id": "CVE-2016-6811",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8c90d560-ed06-5e9e-bdce-c7ba4d409bf2",
      "id": "CVE-2017-15713",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bb84c987-a407-5625-ac0c-af60b3ec5e8e",
      "id": "CVE-2017-15718",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:356fd53a-034d-5af6-a540-ca515275344e",
      "id": "CVE-2017-3166",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:62f6c0d8-0533-582a-8f93-ec69824305b9",
      "id": "CVE-2017-7669",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:abfce9e2-61eb-515f-8f6a-24f00b004317",
      "id": "CVE-2018-11765",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2043875e-d7b8-502c-9aaa-3f2a637c15fd",
      "id": "CVE-2018-11766",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:85536684-36ea-5017-ad67-e2c8636c84ee",
      "id": "CVE-2018-11768",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c22e954f-3109-577f-a479-aeceb7a3ca23",
      "id": "CVE-2018-1296",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:728d5d3d-eed4-51ef-8d7b-7fb672cd4e8f",
      "id": "CVE-2018-8009",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1301b636-5f23-53c0-b95c-4c7682762c4e",
      "id": "CVE-2018-8029",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b10d0d72-b2cb-5fdb-b35c-70e512686bc2",
      "id": "CVE-2020-9492",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f26b4a83-b9b8-548c-a238-715b0e9056ff",
      "id": "CVE-2021-25642",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5fa3ce2b-2abd-5dff-a120-493d2ff2c101",
      "id": "CVE-2021-33036",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:313367bd-15d0-584e-ae90-3fb75f1cf444",
      "id": "CVE-2021-37404",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:64e76c1f-3835-591f-b762-4678d6a28b44",
      "id": "CVE-2022-25168",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d1a32e48-df61-5468-bffd-7cc1f6d73899",
      "id": "CVE-2022-26612",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:84043644-a40a-5928-b7c6-ac95eda43d51",
      "id": "CVE-2024-23454",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-common@2.7.1.tuxcare.1"
    }
  ]
}