{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a73689f3-91da-5174-ab39-199cf2cd66b9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-minikdc", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:864db611-f4ba-5d1c-b5eb-948d684e6e34", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e04639b-c3ba-528f-8ee4-ca1a95b04bca", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:694d8485-43e1-5a26-bf92-fbe70fe34be2", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4746dfb8-7799-5e08-b499-605c3f0e9cf0", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9991c88f-1480-5695-9daf-676ba0d7c1fd", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ff277bb-a165-5d4a-a2a2-c9fd29f6d0b9", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a459021-f563-59b8-a9ad-aa44181b22b7", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9118a8e2-27b5-564c-9c98-ce74a22a72f9", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f0bea7c-23b4-5653-a05c-4625031b5b94", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:260a1477-cb09-53dd-b375-bd6abd70a499", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:963d84a6-1944-5af2-bd2b-7ed22f7383bb", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d99c40f8-16d1-5d0d-89cf-83781f42679e", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09f04b21-f4f4-5b35-bc9e-fdec514ecb0a", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d0e6f3a-2025-5da6-b432-3ad9d9fb116f", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b420b628-f4d7-5db2-91c6-d5a537a3f3fb", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a983f184-a2c1-5824-b73a-91e2a1259ca0", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:630312cc-2518-52bd-8175-eb32e209f706", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73ea892b-35fe-544a-aa25-7fb205c3b13d", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92900a08-4289-554a-8bda-fb8e29f20cd0", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6aca45e7-c791-573e-aede-68670227e87d", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00934c48-1d8e-5650-b8e7-0fc293873fce", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.1.tuxcare.1" } ] }