{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bcbe07df-78b6-541c-9667-258efcc4fea2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1", "type": "library", "group": "org.apache.thrift", "name": "libthrift", "version": "0.9.3.tuxcare.1", "purl": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1536e567-08d9-5d5a-9687-2545dfbd0645", "id": "CVE-2016-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5397 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a2d0274-c3b4-5e3e-af20-693f7f20d626", "id": "CVE-2018-11798", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11798 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59d571e5-2467-5668-9ff7-ba2001ee946b", "id": "CVE-2018-1320", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1320 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1f724ff-2052-58cf-83ef-3f1071ce5722", "id": "CVE-2019-0205", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0205 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0b74189-086e-5ddd-9faf-743b20c56706", "id": "CVE-2019-0210", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0210 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49cbe041-1116-5c20-a969-0456e03df899", "id": "CVE-2019-11938", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11938 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bacd5cd4-d319-52f0-87c9-4c72b666063f", "id": "CVE-2019-11939", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11939 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5c3df99-2b2b-56a1-a4bf-fcee49ade721", "id": "CVE-2019-3552", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3552 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fb71b0e-a091-5384-9d0e-689ca4d600de", "id": "CVE-2019-3553", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3553 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e39fe905-5d93-5d0d-ba8d-13fdae0ce54b", "id": "CVE-2019-3558", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3558 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50a2aa97-1c23-53c5-bce4-a894f818504d", "id": "CVE-2019-3559", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3559 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57d68c36-0c99-5f13-8314-46a4c63cf946", "id": "CVE-2019-3564", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3564 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b53d741f-198d-54ae-a069-55354af14e3e", "id": "CVE-2019-3565", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3565 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c11c55a5-313d-5781-a72e-23a96fef8a05", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9547db81-916b-51c6-8aba-31b103b2650d", "id": "CVE-2021-24028", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-24028 affects version 0.9.3.tuxcare.1 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3.tuxcare.1" } ] }