{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:81443c7b-01ba-5124-b085-4a089197779f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-minikdc", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:18606fb9-46ee-52fb-b4ee-23f9e9ede712", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89058fa5-d66d-5cbd-b277-bca140094275", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:301294b6-977a-5b0f-af34-08085eaa9b69", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83f8da0f-9078-584e-b940-b7717abc6d51", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c6f429f-3691-5c18-99ab-712f313315ff", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6d2e05e-b580-53f5-baf8-e5c8381d71a1", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b457a2bc-93b5-59ed-9f7f-c5e3c411eb3f", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64ff9cfc-8589-5878-bf1c-1b8a8e9de12d", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d81119f-f95f-560a-b610-405cb26d7838", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6c83010-0fa2-5d42-a0e6-a86d7d2fffca", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:486adb4c-bd42-50c7-961f-443d6ef68a42", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70cc607b-d123-5fdc-81b2-7fde9e4a371d", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e010ed3a-340b-5696-8e95-69804eea36c5", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22f4294f-92b6-5e30-b08e-5f1d8fcab585", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fedb64c5-e8bc-58f0-b8f6-b499a233864e", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af2fb3c7-5ebe-5802-8ef3-e1808b3fd7df", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac2c65b6-48a6-5206-b728-e032db36ff21", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85dc393f-6545-5ad1-a4dd-9671882c7df9", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-minikdc." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-minikdc@2.7.3.tuxcare.1" } ] }