{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8ed5038a-4433-58da-b06c-bf4b6afbcda6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2", "type": "library", "group": "org.apache.hive.hcatalog", "name": "hive-hcatalog", "version": "2.3.9-tuxcare.2", "purl": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:49549f99-89e5-577a-b672-70b657b93ffd", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3158bd0-df69-56f9-b5e6-f7c7ffadfc52", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c338e396-3b1c-51a6-8b34-c6a666f7c108", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a7553e7-c726-512d-becd-62d03a2e3de1", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a070d884-1505-5e55-86d1-a5a4e202c09f", "id": "CVE-2024-29869", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29869 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d174c1af-7f58-5b55-8068-65c7c7ba1a54", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33a4e35d-0d48-5d7c-8fb6-62015f5cafe3", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7292351-cdfc-5f8c-b0df-e95d3def9f8a", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fb8f26d-78ba-572b-8586-629eead81b5b", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46b67e03-791b-5adc-a6f0-b0b9e4a4f1df", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-hcatalog." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-hcatalog@2.3.9-tuxcare.2" } ] }