{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:54d342da-b98d-502d-adea-d53b1dff6cb1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1", "type": "library", "group": "org.apache.thrift", "name": "libfb303", "version": "0.9.3.tuxcare.1", "purl": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4380ac4b-0d96-51e1-a52c-061490c05512", "id": "CVE-2016-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5397 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf4a635a-8ff0-5e6a-a1af-7b0cd8c971b8", "id": "CVE-2018-11798", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11798 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:506affaf-9f71-510d-a2c7-f77412fb4e12", "id": "CVE-2018-1320", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1320 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6daf296-ed97-5ba6-bf75-c21f782454f4", "id": "CVE-2019-0205", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0205 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c36bae9a-6b10-5cbf-85ab-343b91b33bac", "id": "CVE-2019-0210", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0210 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cf9a7f8-bf20-5f6c-8fc9-6206f80d5c44", "id": "CVE-2019-11938", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11938 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbd721ae-f942-5232-bbdf-73294348f6b6", "id": "CVE-2019-11939", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11939 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f90c0c3e-fa4e-54e4-b911-ade3119e3bf1", "id": "CVE-2019-3552", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3552 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27fa05e1-7a03-5c04-96c3-8cab9297da78", "id": "CVE-2019-3553", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3553 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91b92831-e842-5944-a949-30bf06a2455b", "id": "CVE-2019-3558", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3558 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6f42bef-0085-51a7-8864-56c7bf8012e1", "id": "CVE-2019-3559", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3559 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:499d1b40-efa6-541a-8f69-be9614b9e232", "id": "CVE-2019-3564", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3564 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cad2ece7-d9b6-555f-9781-393aeb144f7e", "id": "CVE-2019-3565", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3565 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d64120ec-e27a-5796-a87d-615612fca12b", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf35de4b-62c4-5e3f-b5a6-247fe6c0ea87", "id": "CVE-2021-24028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24028 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libfb303." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.thrift/libfb303@0.9.3.tuxcare.1" } ] }