{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:44667033-407e-5f14-b224-70603e4d2b0d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-yarn-server-resourcemanager", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6f1813bb-d506-5615-8cda-7bc28c351ecf", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4877a7f-3bc1-555c-af05-89c503ad08fb", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41daca01-86eb-519f-807c-c53e190713c6", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e501396-359c-5858-9891-cf55f7249557", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae76246d-ec9b-544d-a9ff-f9440df00965", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:589e34cc-59a7-517f-abcf-924540c7ee61", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7753af89-778d-56f8-bb2b-750042c8339a", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6fdf5d9-2e1b-573f-8d77-1c94a06b4af3", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19cbaea7-a5cc-59e4-9442-5997b5af5161", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:714a069a-300b-594f-b82f-d438e98964af", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e316439f-7102-5d5a-90fa-6c35e4d77402", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65c2b9f2-8121-5d2f-9b48-887efc4af8f5", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fc445d5-0aea-5b6d-8dc1-5379f01c2609", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49f7a334-dbee-5d50-b296-78e1e88046dc", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e77ba03-1721-54ab-854d-112968400e09", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50ee3eae-5329-52f2-b5da-4b50a119aa9c", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6fcf648-0eda-5ffe-801b-63575a29a958", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4bee4ade-b0a1-59d1-adff-403438b51260", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33f2493b-d7bb-51e8-a5d3-080d7609b5d4", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30dfe7ea-7671-5dc1-9066-12e199c4137e", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80982211-2675-5f67-8353-88b0db6259f5", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-resourcemanager." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-resourcemanager@2.7.1.tuxcare.1" } ] }