{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b5d95336-27c3-5bc9-b623-f0df888517a9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-minicluster", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1a33ce40-aecc-5382-891f-b6984b13f246", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a06c106e-7bdb-54cb-9bf9-888bf21d0506", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d30b176c-2f58-5cfa-b338-6f62f5bdca9b", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdc55426-5494-5723-8fd6-08f02e55e70f", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7a521a9-0924-5bff-a420-4b837947ce5c", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:870c2a7a-6d9e-54f0-a42f-790de0e4d9a6", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2b18223-d514-5166-ac6c-07024c183907", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b618b19-e6ee-5374-a3eb-c0f9b0a0ae32", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fac7362c-5012-59c4-a490-fc4084be6fde", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3df3327f-da4f-5057-a88e-b2b3f29ae1a0", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdde468f-4cb5-53cf-9faa-f22853faac00", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:835523c4-6e85-50ea-b12b-ed699a7d17fd", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c251e1f7-5eac-5025-82ee-bf8a26d1ba3d", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4f2f513-0ce9-58ab-ba87-e2c190e99ecd", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30d69fed-9496-5e14-bd8b-a52bd407fbd5", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:845a174c-fbec-536b-9e68-8b295f089bea", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a111ad0b-34e3-5492-b7f0-acae9b2d2f3b", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:022fe2a1-3755-5884-98eb-98ce96bbb48a", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minicluster." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minicluster@2.7.3.tuxcare.1" } ] }