{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:679b331d-5440-51a5-9a91-62fda8dc3341", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-sls", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fd6f7bc7-be4e-5203-9679-34ca1a15bb67", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0aab7c2f-da75-55c3-8bf7-fbf5920ebbd6", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42386ced-107e-5917-8715-7ecdd0293000", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68cfab3b-fe78-5bbd-b349-17134943ef90", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30f2b255-7a42-5a09-9743-8f627e8ac362", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2af980e4-d54f-58b9-bca2-db438bdb3b8a", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4e6d5b9-b6b1-55c7-9555-6d44a0bdd63e", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83078ab9-38b4-57c3-9dab-b491075a589d", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c15f6a0a-f07e-575d-9b7f-35270839121a", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63e3cbf9-610e-5376-92e1-6aacaff4d937", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc3647d8-5088-5d39-ba3d-7d55374a07f7", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04a3df89-8a36-5bf4-aab5-6ff66c6e2608", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bae44712-8b0b-5392-96c7-42644f047f5a", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7cc7ac8-e1db-503d-a548-d13e303c487e", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1815610-aa05-5867-9e39-e9327faf69d3", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddf79a8e-6a8f-5b83-baae-16b1a0c7c814", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:643c2a68-52bd-58b2-8edf-3727d36d53e5", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46f75da0-9d31-5975-b5f3-701228f1fce5", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-sls." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-sls@2.7.3.tuxcare.1" } ] }