{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9a979cd2-9eb6-5658-bab1-f8ccbc9e0bfe", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-yarn-applications-distributedshell", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e9b3cf8c-0cfc-5c6c-9286-0a31dc99ee40", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5a1bb66-e291-5c51-a005-fe20a7d21eb6", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65213e73-3afb-563c-9f8e-9562a31eb800", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51b7118e-62ac-5333-a628-1aba11087a52", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75f0fa87-85c5-54a1-91ab-82ec3dc75d32", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a831b2d-5c49-5555-837b-e2d0a5b2e423", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75edc327-abc9-5669-9237-ae3b6098625b", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f56978fa-6a00-56c5-a29a-54f2989fd73e", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a526143d-b05f-5214-a4db-dfacde958490", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b754ec2f-cff4-54e2-b3b9-0b4f94e7ead3", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1965d155-8012-5f13-a45a-d31da8b4f062", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d030fac6-8839-571c-b6fd-a9c5f1bdd5f5", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5de26865-f418-59fb-983b-3d759577a6d8", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89eaffd7-2198-5ef7-8467-e2ce935de4bb", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ac981f4-2ab0-5194-9ef6-35726a4235e5", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:310094b0-4156-566e-a5e9-53352bf5453f", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:343d99f9-e7ce-5013-8934-0267979a0855", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67e28b78-7368-575d-936b-ab005dd08e1f", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-distributedshell." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-distributedshell@2.7.3.tuxcare.1" } ] }