{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e59ca801-9880-575f-a5b6-b51cfd0b87ca", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2", "type": "library", "group": "org.apache.hive", "name": "hive-druid-handler", "version": "2.3.9-tuxcare.2", "purl": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b73d8ac8-e22f-5856-91fe-c336a89dbc16", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-druid-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:797d8236-fd8e-505e-8881-fae7e468d971", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-druid-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54044a1a-1857-56b6-b146-a52774a72194", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-druid-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f37246a-12d6-590a-8ce6-cb3a3e150d22", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-druid-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5abd0965-7c19-50b4-b82f-519d270e3509", "id": "CVE-2024-29869", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29869 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-druid-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d9408b5-6917-5663-94d9-6a52474f6878", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-druid-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2106224-19e6-5a83-bd36-5319758931e9", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-druid-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bac6370-bc5e-55b0-9125-13b181de2275", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-druid-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0808e881-5b52-5777-8b8d-311873b02e81", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-druid-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22c94026-23bd-5e2c-bc6b-bb3159c18f04", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-druid-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive/hive-druid-handler@2.3.9-tuxcare.2" } ] }