{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:40c76215-46c5-5b7a-a131-378aebd2aca0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-minicluster", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:abadcd5a-1b7a-5072-a884-59fb966d53ca", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43d65a69-a04f-501a-9caf-eadc8dd57f18", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:858d93ea-20a3-592a-b7a8-5318422dd139", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02a6d253-5b5d-531e-a422-88149c21b1c7", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84553684-c1d2-5a2b-bc48-8bdc18dd502c", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c085fe23-86de-5702-ac6e-f9a8ed5f68ae", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10347841-204b-5115-8b7b-5cc8f2c74799", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:721067f9-be8e-545c-a6d1-4419a19e4cba", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91fbf13f-f802-511b-a041-9e85e536359c", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6bc0df83-73cf-566e-87ee-50faa184e0dc", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69d593e1-d1e7-5ce3-874d-e6fed59d688c", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1602ef9-22e4-5f03-8c13-65d45168c10f", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e763f65c-7ac2-5b59-ba7e-2be790446429", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2ef25f4-d986-56ba-9a12-8614972ec5d1", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11a6a4fb-0a9c-5adc-9b29-d38bf42a4606", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d50cb035-b0a6-54a2-ac66-6ff6f6a4dd5c", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:649e07b6-f680-5287-a55c-04f34773382d", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46341aae-0671-5ffd-9f73-2f49f6a20430", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f6051d7-e227-5ef4-8b19-7fede43d7875", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f6528f6-ded8-5d1b-8a76-a0557a70dfd9", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b67c7c9e-ad65-5aaa-829d-249031a61939", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.1.tuxcare.1" } ] }