{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a070d5a6-b108-55eb-889f-cd9ffb8e58c5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2", "type": "library", "group": "org.apache.thrift", "name": "libfb303", "version": "0.9.1-tuxcare.2", "purl": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fff1a1b1-28eb-5703-a415-7641ab7242f0", "id": "CVE-2015-3254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3254 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ad0e80b-57e2-5490-9911-43c75818abc0", "id": "CVE-2016-5397", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5397 is fixed in version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b4a430a-6567-5976-a577-5c1596f095b9", "id": "CVE-2018-1320", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1320 is fixed in version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f6a7336-5c63-57dc-bf04-3ac9acf6b2f2", "id": "CVE-2019-0205", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-0205 is fixed in version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be90da5a-1da2-5368-b9c8-db5025107ead", "id": "CVE-2019-11938", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11938 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96aa7655-7626-5dc8-be85-83fddf275f5d", "id": "CVE-2019-11939", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11939 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5dd0bba-14f3-5f37-a299-2886e63ecab2", "id": "CVE-2019-3552", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3552 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:480437fe-63a0-5c51-9d17-fcb77f83ade6", "id": "CVE-2019-3553", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3553 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21057a24-8a4f-5e36-8b53-4bfd7c5caf01", "id": "CVE-2019-3558", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3558 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3a3d91a-c595-5325-90d1-710a0c69a26f", "id": "CVE-2019-3559", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3559 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4320c3d4-6684-52aa-9dcf-755151982a57", "id": "CVE-2019-3564", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3564 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49dd8006-d032-589b-8bf2-389eef100bb7", "id": "CVE-2019-3565", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3565 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0432e8f0-e6b6-5d23-8044-ca23cd7d2c9d", "id": "CVE-2021-24028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24028 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.1-tuxcare.2" } ] }