{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:920e3823-5774-57ab-812d-6004a82cbd09", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1", "type": "library", "group": "org.apache.hive.hcatalog", "name": "hive-hcatalog", "version": "2.3.9.tuxcare.1", "purl": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:67d9702c-e836-5229-b7ef-4a642d3cf950", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9.tuxcare.1 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82c562c5-d5bb-5da0-9d84-e9e8b22c9507", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9.tuxcare.1 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28c2dbc5-51b3-50c5-bf24-65d26db4115b", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9.tuxcare.1 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fca5d565-0277-5d3b-998f-749ea346bf81", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9.tuxcare.1 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72e36216-7630-5b0f-b1ac-eb1dd602dca7", "id": "CVE-2024-29869", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29869 affects version 2.3.9.tuxcare.1 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f57611d9-7d37-57d4-b895-9f16f50162c1", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9.tuxcare.1 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35155f9a-e78f-5259-a404-43f99489a980", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9.tuxcare.1 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca08e433-0404-5e91-8591-6e74c9e3bca9", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9.tuxcare.1 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36edf87b-637a-57bb-9584-894175e50edd", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9.tuxcare.1 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b45e1669-f59d-5b42-9e9f-8e199b94fd8d", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9.tuxcare.1 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9.tuxcare.1" } ] }