{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:04310d79-8ab7-5672-8152-856a8d2b4f5d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-mapreduce-client-jobclient", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f49d8a69-8f01-5fe2-9b39-5f195c669849", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60258d39-9d49-5bc9-b8c1-f06c5055e3c6", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:944245ca-ab44-542a-ad97-6e36b346e151", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d36c5d13-3e70-5270-a90d-9d789765ba8f", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b858e791-cf25-595c-905e-f95e947c51ec", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fdb80a9-9499-5792-841b-12c78372ae71", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2710cc0c-388a-59af-b393-304371ce425b", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10e5655c-a5a6-57ff-a3aa-a2304379c21d", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d01364b-0928-5cde-894a-28ea3d4f4b4e", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b61d58bb-afa3-574d-a65a-9fd45b3e9537", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f992dcc8-47ca-56e7-aba8-fc5718f1c4b1", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88b04a35-f88a-533f-9de0-8787c900708b", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca3a2d54-8add-536f-ac96-8b4498dc55ef", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77bec56b-f665-545b-8284-870d1a838a48", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e1a1936-2ba4-5279-acce-666a63c08b50", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfbef227-8849-5c3c-a568-a1b3ae6a3045", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:441b458f-b625-5e8a-818c-a254237009c0", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1c026d9-a33a-57ad-b721-6bf4910daeac", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-jobclient." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient@2.7.3.tuxcare.1" } ] }