{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4cabac94-7945-522e-8c92-73863aec9c39", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1", "type": "library", "group": "org.apache.hive", "name": "hive-jdbc-handler", "version": "2.3.9.tuxcare.1", "purl": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6e9f71d6-3a11-5e0b-aa60-7666b7f90c08", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:924bd725-2760-50cc-a8bb-e3de0cbb9dd3", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1533e33-3fbc-53ab-a3b7-3fc7dca4404e", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:892fc63d-0479-5cae-b625-3731dae0b374", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cd73ed5-c4c4-5ce7-827d-16c3f6aeb3fb", "id": "CVE-2024-29869", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29869 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebf73091-e206-5cf8-9576-299c7db9a3c4", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a0ae390-3778-53a3-9805-1c6acb99ced6", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:986ca189-a4b7-5505-a00a-d42a12268590", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2dfb2b0a-d155-56c9-81ac-eccac5c4779c", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c0aea9b-09ad-5399-ba09-a90338f73952", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9.tuxcare.1" } ] }