{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6f561054-93f9-5670-827e-c9a934fc9fab", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2", "type": "library", "group": "org.apache.hive", "name": "hive-jdbc-handler", "version": "2.3.9-tuxcare.2", "purl": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b61f2495-a118-5d1b-8e83-8ee7a2006f0b", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:412a73f5-ce92-56ed-8521-4020f6e28710", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd3d3b06-d7b4-51d1-b4c3-3760aee17b88", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:183b90e7-4feb-52d9-a663-e21cd62006e5", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6890bad4-bc82-56ce-bddd-e287a30f19e1", "id": "CVE-2024-29869", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29869 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b712fd7-5f85-5c61-a300-a50ee4bddf2c", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68eff185-4b80-5025-b12f-ac1ff89336e3", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6606edd3-c9a2-5b61-8d31-5990dbf752c2", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8160420d-4981-539a-85a3-a7a87f0714ae", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95ace390-40e6-5809-8e77-69b22797bbb9", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-jdbc-handler." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive/hive-jdbc-handler@2.3.9-tuxcare.2" } ] }