{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c8f64265-c3a3-549f-a81a-0c96f30b6663", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2", "type": "library", "group": "org.apache.hive.hcatalog", "name": "hive-webhcat", "version": "2.3.9-tuxcare.2", "purl": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:29b2c9a2-f9f8-581f-a73a-ffa3a7e0eb11", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-webhcat." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21b16d24-03b0-5600-9627-84ece8be339c", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-webhcat." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:deeb69eb-b70d-5364-9f4b-85af7c8d0f3d", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-webhcat." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a9456b3-ebca-573a-879b-ab3a22ec8b9e", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-webhcat." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1de60879-548a-571c-97bd-842c8f2ae962", "id": "CVE-2024-29869", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29869 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-webhcat." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edbca481-68dc-585b-87eb-6881f516b622", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-webhcat." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a88607a1-4f56-5938-bd80-235172b82b63", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-webhcat." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:808d7740-af65-5df4-b993-8970c8217ed0", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-webhcat." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26f0f71b-a8b0-59e8-a44e-7c4baa7ec495", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-webhcat." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94e244c0-6d91-5906-b56c-116774171950", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9-tuxcare.2 of org.apache.hive.hcatalog:hive-webhcat." }, "affects": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive.hcatalog/hive-webhcat@2.3.9-tuxcare.2" } ] }