{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5c644554-c15e-5cbd-9b7c-bb9b1a91677b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-mapreduce-client-hs", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f71e8fab-5ff1-56b7-a66e-fc694a28fde3", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:669635b7-7757-52f9-8309-059f354c87d4", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ac7fb04-8f14-5264-8e78-ad296308f73f", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b82549a4-038d-5f9c-9762-d1e64fec28be", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b8b4c5f-f176-558d-8513-34fae0e55303", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be9af45b-8feb-5d75-88e0-2065e11a84ed", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8699ba02-8c02-5679-9b57-5bef05f7d354", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e62486c1-1da2-5ba3-8a4b-156fab414e00", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3e7f587-83a1-5bc4-b67d-4b23e7631baa", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5e761cd-b803-5ff7-85d2-bc782cf0730b", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b75c363-e4c9-565f-b74c-3b84bbcca10e", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0efc19fd-2d90-5ddb-8830-a0174c0922b5", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f5871e2-18f6-5b89-a262-b19afb0603c7", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04c692cc-a799-5dea-81ea-8c7022930831", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f083c65d-4dc4-5ee3-9647-7b10590dd97e", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdd47154-214c-547e-8d41-34c01ace7164", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:999e25ce-e0d6-503f-b94d-961ae59e6d63", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec5fa11f-7a81-5d07-a96f-3bd5d11fa293", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-hs." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-hs@2.7.3.tuxcare.1" } ] }