{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d80bf95e-d53f-5e51-a165-40affd31f8d2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1", "type": "library", "group": "org.apache.thrift", "name": "libthrift", "version": "0.9.1-tuxcare.1", "purl": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:32d8aeb3-c18a-5a6e-8ee7-d12b0fe2b449", "id": "CVE-2015-3254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3254 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:edeee37a-144f-53c9-8115-936e067d9be0", "id": "CVE-2016-5397", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5397 is fixed in version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3f31f03-bfd2-5109-a7ad-62358aa6a85c", "id": "CVE-2018-1320", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1320 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:480a26b2-e99d-5088-9fb8-1064c34ca8bc", "id": "CVE-2019-0205", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-0205 is fixed in version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e36184c4-7584-5809-b7dd-06b82bee9481", "id": "CVE-2019-11938", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11938 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e670a44b-6679-5663-8d17-910ac45e3060", "id": "CVE-2019-11939", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11939 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eab54c8e-6ad9-583d-8b86-65a30e046139", "id": "CVE-2019-3552", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3552 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf34620d-054c-5d35-9297-02ec25810f6c", "id": "CVE-2019-3553", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3553 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3bc8259-5e09-594b-b950-6e74bebc5bc7", "id": "CVE-2019-3558", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3558 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b219bab0-1018-5ec6-a5f5-d12c91cd0285", "id": "CVE-2019-3559", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3559 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79e092e0-8d08-5643-b514-c2083d2a9216", "id": "CVE-2019-3564", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3564 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0ac270b-9112-5710-af7c-7c9572cc44fb", "id": "CVE-2019-3565", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3565 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f8cb399-d5aa-5d6a-8333-a54f22f4758e", "id": "CVE-2021-24028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24028 affects version 0.9.1-tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.1" } ] }