{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e35bd261-9e00-5fbe-b195-caa21eca8eb6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-mapreduce", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5898a9ff-0f08-5c63-aa64-ee6a663892d2", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e316b943-f48f-59ea-b244-205ff688cc4e", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e96f686-551f-5137-b97b-d99cc24c54ef", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b2bdbda-6e45-5396-9895-8526c91cf995", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be007adf-a7b7-52e9-9586-a0df42b32fe0", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:361ee04a-d1a6-52f7-853c-7854d8ae85a4", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1b2751c-57b2-5eb0-a082-dfba82d5c80e", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4bebfc3-3858-5457-a47c-9cf5efcbc050", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94b1aafb-cefa-5154-a437-3b4bc883ba0a", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:130cdf0b-a987-5a61-a0d9-2311a18867e9", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2458b0d-e133-5795-862d-aeef08ae2e67", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1997ee22-737c-53af-a516-d05d47ebe69b", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a853cf99-e8d0-5f3c-8deb-23fa55cfdf6b", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e2e36ae-3b64-5155-9321-8f7b58b0a6b7", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b70caeb5-142d-5e28-b6ab-227d59b77952", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4b7430c-d8f9-5d55-b50d-c6c29536f703", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fb75d7b-b155-5e65-bfa8-480d1f05b49f", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4f3b989-5837-5585-911c-05b74bf7232d", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56843efe-9567-5374-bb53-745503030104", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ccb6c0e-01a1-5d29-b927-57fa38f817b3", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:596fd6db-dc19-5b74-9cb8-dfd8abfd46f6", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-mapreduce." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-mapreduce@2.7.1.tuxcare.1" } ] }