{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:60400846-b078-5b61-990e-09ae4346d815", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-openstack", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:04004fb9-0dbc-534d-8309-097e77c4b9b5", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df56d2ba-d38e-526f-ab25-ba243ab0262e", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a21d23c-efc1-5820-a972-f33491732d12", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96af7107-e6ae-5e85-a22d-79d8670de7d1", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70132576-dba0-596f-9c0f-d162acdb1680", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:692494fa-e684-5fa6-97b9-54ef9ac4692c", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8746e5b-e2ee-5ed8-ac56-3eb807b9a3d6", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5edfcca7-d97e-5c10-ad57-68a0148659a9", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18202f1b-fb30-59db-84d4-2e089c4deb0b", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:292a14ac-49a8-5894-bac3-409889b1af01", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86ec6165-8841-5693-8169-742f3dfd8c68", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54700139-ed9e-573c-91ca-57f5968f0d61", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6607238b-f887-5a08-86c4-bd59e7ec60d7", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:faee7577-a6c1-515b-8386-96757dcb59fa", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:774eefce-9913-521f-aa70-cf26560323cd", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d1de2c4-ea8c-52ba-b95c-64c974429b77", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30f80503-d8ec-5620-9134-e73406915af6", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2e9d45b-feb8-5fba-b082-5ec0806b294d", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-openstack." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-openstack@2.7.3.tuxcare.1" } ] }