{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:209b01ba-2158-53b5-b506-0e3c928be848", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-openstack", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:511ee895-d8bb-5b98-a13b-8a83d7be7ae6", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f210a44-1641-508a-936a-468c82f0108d", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0df344f-6800-5bca-afd2-c3aa15269a6e", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae6e3d50-8459-55d9-b5dc-46c7968f3548", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71bf5521-d4f4-563f-ab65-287671678a07", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49937afb-d237-50af-8366-a40f8f840905", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cd0cd09-bec1-5e1f-9bbb-bce820ec7d94", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4687bb2-d41f-5afb-8c97-9b8eff10df08", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8716a52b-d69c-5dde-a321-553e26c63ede", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f85fc411-d5c7-547d-b9dc-b3151df60e4a", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf308c1a-6230-5135-898e-295b099fc0db", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d138dc58-66d1-5111-a4a2-be06965c8a7c", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:563ad231-2be0-5147-8448-dbd4f0d6ece3", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c675779e-af75-552e-8bcc-ab0e2a44a1f1", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7e31cba-8e34-5a68-b1e2-90e475535f45", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b99017b9-1430-526d-bbbb-cfd9ef5fe257", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3472c1d-98a4-5fdf-9f0d-4499d8c56ad3", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b423b13-8c0a-54fe-a7ce-63c68eabba74", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:799e062d-a78d-5892-90f1-8d36499dd0e5", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12a07069-f3af-5925-bbb3-67b69c48042e", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b92ea04-eb65-5e70-8011-eec7c5311891", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.1.tuxcare.1" } ] }