{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e0b137c0-3244-50b0-971a-1ad935ae3279", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4", "type": "library", "group": "org.apache.thrift", "name": "libthrift", "version": "0.9.3-tuxcare.4", "purl": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:598cec24-ccb6-5654-afc1-eaf594c2de20", "id": "CVE-2016-5397", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5397 is fixed in version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7cb0d82c-d037-5e85-9b29-675727a0d675", "id": "CVE-2018-11798", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11798 is fixed in version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53332f3b-06c9-5d32-a5b8-5587a10f5f40", "id": "CVE-2018-1320", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1320 is fixed in version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2289dc0-8e75-5e29-abbb-a4667d11ef6c", "id": "CVE-2019-0205", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-0205 is fixed in version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cf0e17fe-cd39-540d-ba80-71ec787be389", "id": "CVE-2019-0210", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0210 affects version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:09a1f424-bb88-5b31-b335-dff4137ec556", "id": "CVE-2019-11938", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11938 affects version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75ac3a58-b199-542d-9f13-4d55b06d24dc", "id": "CVE-2019-11939", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-11939 is fixed in version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9a02b2d-da8b-5482-9aa6-3f061b575d14", "id": "CVE-2019-3552", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3552 affects version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:04c948cc-b7a4-5433-8ea2-3fc2ddb92f35", "id": "CVE-2019-3553", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-3553 is fixed in version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c8dcbde-2c25-5686-8e34-35948786b571", "id": "CVE-2019-3558", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-3558 is fixed in version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39f601de-05d3-5bd0-a25b-fff73bca54ef", "id": "CVE-2019-3559", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3559 affects version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3067cf7c-175d-5bc2-a49a-e90c89b2ac22", "id": "CVE-2019-3564", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-3564 is fixed in version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:873ec031-280a-5ed7-85b9-4e727c123cc3", "id": "CVE-2019-3565", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-3565 is fixed in version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eeecbf72-3805-5bdb-8670-8b791e6f975c", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:482eb672-3a77-53e1-9824-7d60b791841b", "id": "CVE-2021-24028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24028 affects version 0.9.3-tuxcare.4 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.4" } ] }