{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2afc5141-43de-5fde-ad50-57e8b883051e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-yarn-applications-unmanaged-am-launcher", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3cf3e32b-d6ea-54a0-8723-93f5d79b3208", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fd33990-1d96-52f3-b4f4-ce1c152c24db", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfb86a68-274f-5bf7-ba81-f272c0d81448", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31b35be6-9c97-5d36-86b7-d954fa710822", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa54cede-a69a-5886-8f48-d476db029648", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8fe9a33-cea8-56e2-8e45-de28c31721f2", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a1ab85c-83c4-5872-8225-2c52fd846ce7", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18255461-9df2-517f-9d2a-e9511ea1f9c1", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd8951a8-a767-53d8-a64e-d76afe1970cf", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68e50603-5cf6-55bc-9909-1374c1a105ce", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84b664ab-4fe4-5c3f-ac72-3c61ccb9dffc", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36235049-3824-57d2-bf64-b4b49fd8408b", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43452c73-5036-54b4-8263-47d67006425b", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc5ff206-f874-5bef-a39f-e5da742c4692", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02a7fffb-807e-564b-acc2-7352c2a8d93a", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:168824dc-9a2c-5b3c-b621-3ad545e7aee2", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f11f8be-1c4d-5eae-bad5-874fe702a2df", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13798d3c-89e9-5632-ac38-0e710244cdfb", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d93a059-5bf4-57ce-bd71-61ed6a812da6", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f8e380f-be14-53b8-bd26-f588ca60290f", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b10de3b-6648-5d64-9767-6a58a7107ca0", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-applications-unmanaged-am-launcher." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-applications-unmanaged-am-launcher@2.7.1.tuxcare.1" } ] }