{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:611b7744-bc2b-5693-b303-df51afb3fd19", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-mapreduce-client-shuffle", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fb119838-38d2-5f4a-9a0b-01e618a1c59e", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1edc701c-1cb1-5c4c-8303-8a7298f0103a", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb7a2893-02fa-5441-9cc4-b3a3597736fd", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4e659ba-1a32-5018-965f-395087215011", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b5854e4-6798-5cfa-b074-8bedd4f99ca9", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5981b067-4bac-5184-9b7d-1a03d92197b5", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d5bb9e4-383d-50af-8e73-27871e2fbaf6", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f32b278-8a14-5850-8d6b-4cdd46b3c1c3", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49bf4c4b-3b24-51c6-83aa-6133de871eb1", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:442da159-2f65-5f50-be83-c23ffb9a232e", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee71d383-1630-5428-abc3-1dd0a3893b90", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38344870-b368-56a9-b17a-07ace6643fab", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:277098d7-55ee-5fbc-b17b-3d1c0a3c7c80", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f627a058-433e-54bc-9952-d6c5ec8b672e", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c66d2d43-1b15-5e83-a17b-91526354a6a0", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9758b2e4-d5fe-5ad5-af1c-e83a4b365b1c", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3b0566f-08e4-5f36-93c5-66c4c7de955d", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7261c520-1826-5e6b-adf6-04f6ffa70264", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f21a18e-f270-5c59-96b3-69eb95130f3f", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cec73464-9492-5610-91a7-dbc7292854ce", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4af2cdc-8d77-562a-851a-1c2949f60481", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client-shuffle." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle@2.7.1.tuxcare.1" } ] }