{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:02bbb18a-2080-52cc-9ed9-0820c0b9f431", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1", "type": "library", "group": "org.apache.hadoop", "name": "hadoop-yarn-server-web-proxy", "version": "2.7.1.tuxcare.1", "purl": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:94a66022-3646-526e-848d-5b945e9abec4", "id": "CVE-2016-3086", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-3086 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f44ba85-8b7d-551c-892e-c50afafa16ee", "id": "CVE-2016-5001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5001 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:641598cb-d430-5275-8b8d-6e3b053970da", "id": "CVE-2016-5393", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5393 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62da97ab-8ca3-5d90-bd11-133df5a0b946", "id": "CVE-2016-6811", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6811 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aada2141-fa35-55db-8b86-c82afa139f64", "id": "CVE-2017-15713", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15713 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83b47f20-09b4-5708-8490-34bd4436492b", "id": "CVE-2017-15718", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-15718 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6859810-2cf0-5d61-8844-505742247e11", "id": "CVE-2017-3166", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3166 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6952ac5d-808b-5e4f-ab0d-f193005b7425", "id": "CVE-2017-7669", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7669 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3be66b35-3852-5ed3-ae90-4222a9c18079", "id": "CVE-2018-11765", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11765 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a183939c-9f68-5fc3-b6fc-788941b4fc8d", "id": "CVE-2018-11766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11766 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c54d3870-70c9-5a92-bb56-fd0a0966a050", "id": "CVE-2018-11768", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11768 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aaf5acad-eb3b-5f37-a455-66d64df959c7", "id": "CVE-2018-1296", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1296 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9ab2f96-8788-5419-a2bf-bfd944489197", "id": "CVE-2018-8009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8009 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48ba1afb-e158-548b-a16c-0a2989247a34", "id": "CVE-2018-8029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8029 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42df3262-3ffb-5cbb-a553-38e54964d03d", "id": "CVE-2020-9492", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-9492 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9823754a-e0b5-5ef3-ac6e-f99b9e0a490a", "id": "CVE-2021-25642", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-25642 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f3cc9d4-8592-522e-8d4f-a2c59f1fbdae", "id": "CVE-2021-33036", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-33036 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59331ddf-1432-55c4-bf37-62178bea8f9a", "id": "CVE-2021-37404", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-37404 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d66af3b-a8a0-5290-a76f-91e69f4f5347", "id": "CVE-2022-25168", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-25168 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49a8b972-13db-5fa8-9538-5533f49c5696", "id": "CVE-2022-26612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-26612 affects version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43f6d3df-8463-5bc2-9de2-5b8e9e6d5c68", "id": "CVE-2024-23454", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-23454 is fixed in version 2.7.1.tuxcare.1 of org.apache.hadoop:hadoop-yarn-server-web-proxy." }, "affects": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hadoop/hadoop-yarn-server-web-proxy@2.7.1.tuxcare.1" } ] }