{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:87e1c207-a671-5b78-9f40-e152e8b89810", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-mapreduce-client", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:66ab2c5d-aa4f-5106-af99-5cab14e5d582", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28d16022-f824-5755-ad64-dbd6d3e1b440", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:260adbf5-daeb-53b6-82d1-b35a47b66fe2", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a669f929-4efe-5fd2-a3b9-b2cc0c96e3b6", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:705f0fe6-658f-5c98-b080-7545eb541a00", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ab655a5-d5a0-5dd5-972c-3a2984ba3571", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ab23546-d176-5ace-a89f-51e8055a4c6f", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1364b24d-5ac0-596c-ad78-a3264a292f0b", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61f4496d-58f8-5c8e-8d12-2882d6f63907", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04964eb0-4990-51c6-90cb-f717dad897d4", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fbab6e9-2902-5930-acc1-b0c1ffd3c959", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2c225bb-418a-508e-8a7c-ebc6c8699d82", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5e589c8-5343-5fc8-9251-cacd27dc47bb", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8de1416a-90f9-5a52-89ce-519f1bd2304d", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:066086b2-f665-5fc7-900f-c5636674c176", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ad6d3c1-37a2-558e-bc0d-310dd95e0ca5", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ea45114-48cc-57f3-944e-453bbd0ad20f", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6f6a4e7-b45a-5c81-a949-25cf1c7425fa", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6ac6555-59f9-5142-86c5-a6c7f287cc58", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da624cd5-7b35-52a4-811f-490858a4580e", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:706258df-94ee-5b0d-8881-3ad4dfeff468", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce-client." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce-client@2.7.1.tuxcare.1" } ] }