{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6d2756f1-da2a-55b9-b9c5-396d0cb94392", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-mapreduce-client-jobclient", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:817a2eea-70c2-52e9-9d7b-bba73329cad0", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b3e57f1-2ee2-5a38-a697-19ee4b72826e", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:909c3bde-814c-5991-a967-8275134f1c7e", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a66f198e-5551-5ef1-a9ce-b928fc0c47bc", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:298c7832-f359-5228-ac33-4790cf6084c3", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a966a1e7-8007-50ed-8aa5-e5446f9cbbe2", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6edfdcc1-9e1b-55f6-b069-31a87560d3a6", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:009d19a8-0876-55a2-b69a-571295ffef61", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16392d9f-e3dd-59c1-a994-988b38b3d4ca", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:197551c6-a283-5040-936f-23c2ef6a8fee", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13170e80-6007-51f7-84f9-41aa25b7ca52", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6ef2f7d-70a4-59b9-b5fe-7feef7ab9695", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67e09750-329c-596a-b67f-46286413fae9", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe3d37ca-97d7-54b3-b98c-52fd20c17398", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:743a6326-8cbe-5ccb-ac9f-ccab88aa85d6", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0302d0e0-fc72-569d-bc67-788990655295", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3706171f-83f2-593d-a2b1-136f66a4b2c6", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ded47be-6473-50d5-bb14-b674035c663e", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:798acf87-83b9-56f8-8103-473a2dc1649f", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd426e51-f6f5-564d-98d4-e543cc884ef7", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3ecf20e-3344-5bfe-96cd-6dad4ed51bd8", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.1.tuxcare.1" } ] }