{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:412f0b26-9dd8-50b5-8d9b-bc872dd412fa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2", "type": "library", "group": "org.apache.thrift", "name": "libthrift", "version": "0.9.1-tuxcare.2", "purl": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0f5f2ba4-c60a-5e95-b8a7-b9d9d3a6f1b7", "id": "CVE-2015-3254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3254 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6541161e-7de3-522b-9ee2-9ba5f5c1ddb4", "id": "CVE-2016-5397", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5397 is fixed in version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:102091cc-ccd8-5dcf-8099-12adb587ac62", "id": "CVE-2018-1320", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1320 is fixed in version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e8d1c09-c6d7-5359-8170-8e8057f2b32a", "id": "CVE-2019-0205", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-0205 is fixed in version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7c5a90c-9a5e-5352-bb99-f85d08beb4ab", "id": "CVE-2019-11938", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11938 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87ff0003-8888-50bd-b065-a577247979ee", "id": "CVE-2019-11939", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11939 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49a79559-f74c-5a21-a552-128dc80853d6", "id": "CVE-2019-3552", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3552 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b136d79-5402-5d7b-a0c9-cd6bb34fdd41", "id": "CVE-2019-3553", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3553 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8aecd05c-9f53-582d-8a7a-d017896e5d66", "id": "CVE-2019-3558", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3558 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59dc5d45-9b5c-536c-bd9e-11b22ea90b5c", "id": "CVE-2019-3559", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3559 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9a82511-e3ec-52c3-8052-8dcf87e7e399", "id": "CVE-2019-3564", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3564 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96b4c3f1-8698-53a1-a529-0f3ab61435ef", "id": "CVE-2019-3565", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3565 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6b32fd4-ba2b-59a1-a989-8898dd3552c5", "id": "CVE-2021-24028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24028 affects version 0.9.1-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.1-tuxcare.2" } ] }