{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0f2c1e6a-eeba-568c-b28a-879e11f9b941", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1", "type": "library", "group": "org.apache.hive", "name": "hive-packaging", "version": "2.3.9.tuxcare.1", "purl": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e953d368-6ce1-5fcb-880a-6165329a8ffb", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9.tuxcare.1 of org.apache.hive:hive-packaging." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cbce66b2-d867-5e78-9c69-9e496bd33b5c", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9.tuxcare.1 of org.apache.hive:hive-packaging." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e617a1b-f125-5fad-8841-1ba9a4e17d2f", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-packaging." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30147fe0-e82b-53e6-9fc1-4e20dba59eb9", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-packaging." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4e8ca81-779b-5fc7-a4bb-5c1f57c09111", "id": "CVE-2024-29869", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-29869 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-packaging." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:087dc4f1-7443-5308-9f42-9bc5dc816e34", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-packaging." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb9af501-6eee-5e14-91b8-3c48d7e62e39", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-packaging." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:756d73fd-4197-5c02-a573-17a121fdcd40", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-packaging." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d461311-1fec-591b-bd11-00e76ac4f8ff", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-packaging." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff4cc1b1-fe52-55da-bdd4-b7ac8a38c7c9", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9.tuxcare.1 of org.apache.hive:hive-packaging." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive/hive-packaging@2.3.9.tuxcare.1" } ] }