{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8f3876f6-d5c0-5dcd-ab90-930ef5287b21", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1", "type": "library", "group": "org.apache.hive", "name": "hive-jdbc", "version": "2.3.9.tuxcare.1", "purl": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:45ded016-16f3-598f-83ad-7f3d274cef1a", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b73e2292-80b3-5af4-b95a-84bacbb1fb5c", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4dd52cad-e0ed-56e8-b6d1-9ff5a63cc1fe", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b08c0fd7-9d94-558f-b21d-88400df4212e", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b310eba6-5804-5b8c-aac9-c6692e9edc85", "id": "CVE-2024-29869", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29869 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5af154c-1948-5545-8894-7538cc67a684", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c0986fe-c3bf-5d54-bbf4-f61222b5261f", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2534f2fc-e335-546c-8eff-c05633a918fa", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a66d565c-19e1-5800-9aa4-3008ceb3d61b", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83ce1aee-ef9f-5c64-9fd4-db85783f16ac", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-jdbc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc@2.3.9.tuxcare.1" } ] }