{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:05213d82-278e-5128-a905-1c54d5e00b08", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-yarn-server-tests", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fa97de7b-371c-591f-972c-5e3b63275e9c", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a14d182e-4714-5f29-8121-0fa0e4e8a303", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5448ec38-4057-53b6-abb3-8a6a42b68e94", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1253e62-1787-52b6-bc0d-e192b3afb5a7", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f07c2553-ff59-5b7d-9181-8b7f5689644d", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:661fc3d9-61af-5467-98f6-24cbbd1dd6c6", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71db4e06-141a-5c9e-a61b-55d4668710ec", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:760465c4-9458-5583-81cd-ba4918bcdeb1", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9b16a86-c912-575c-9476-08c59eae2340", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c22f1aa-a069-5772-a7b9-09a1a294ae79", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a170e7f5-6dd2-5127-919a-d30fb5932a41", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:003bb85a-218b-54ae-a5c1-854144112fb7", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:711fc78d-ff3a-57f1-8e35-8ae110024faa", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0dd21111-c067-5461-816d-ab06edaed8db", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83009b21-31b1-5afb-9a4e-b102a0cc706d", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:772720b4-5b3a-5878-9304-85b7cd50b6e5", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2db9a5b2-554a-5fb4-acc5-539a2f08f79c", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc157d14-efb0-5302-9b07-85f125a4e64f", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1b58d46-1b4c-56d3-96e0-f0d7cfc89ae0", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:703a3439-3c4f-50eb-ad89-fa4bb97296ec", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d48274d6-1864-59e9-b173-989dd676e089", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-tests." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-tests@2.7.1.tuxcare.1" } ] }