{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5a99464d-eecc-5f59-99c3-4f310dec9fe2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-yarn-server-nodemanager", "version": "2.7.3.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2e734e16-1bbc-5aef-a317-f3cd13102f14", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cd36e76-8176-5805-b0e7-8437df0f0456", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b63d6c6-cadf-50b4-9db2-ffe36c8aab15", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0165d7e-fa69-5ede-9329-7860e462dd02", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f540bd2a-c631-5232-9913-446b5211f23a", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:790006e3-379f-5b72-b957-0bd187a8fd63", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3d75e4f-12a9-5f65-903d-edf30b43484b", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:975a1a1a-60f7-5273-9b06-ceced5e3a6ab", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7f40203-ec0a-5eb2-b654-4bac2642fbfa", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:532680f8-3ada-5030-a365-1311edbf081b", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bc8e55f-467c-5256-a1c4-b1a3d6589915", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae50c76f-2e25-5cde-bb49-3afe9bc6d015", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2fe394af-45ed-58bd-9fdf-dca216a8b45a", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d223c686-3655-591c-ac57-e730fa83da07", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c1c93a6-c66d-5346-85d4-e1057ec35f1e", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a402ff0-93db-50f9-95e6-8163529f4b5e", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0523eebc-1f2b-573c-b0cf-972f241011f5", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7517c5bc-7416-5bc3-b359-693e55bf8f32", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.3.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-nodemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-nodemanager@2.7.3.tuxcare.1" } ] }