{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bc12a63c-15d4-5c6a-a8c5-cb0c80d41a58", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2", "type": "library", "group": "org.apache.hive", "name": "hive-llap-server", "version": "2.3.9-tuxcare.2", "purl": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5d07768b-6875-58f6-a605-13133ba18891", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-llap-server." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab28daf2-a2d3-5e17-acf2-85f502c90b73", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-llap-server." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41c2fe7e-8d1c-5059-8dbc-c5dbb982a089", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-llap-server." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7613ba4-385d-583a-ab45-c5a8bc108bd2", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-llap-server." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8162a498-c7d9-5328-9550-a949cd5b5a96", "id": "CVE-2024-29869", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29869 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-llap-server." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:645c4819-e04e-5b19-9d1e-1413fa10e684", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-llap-server." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90333d9f-8389-5146-96de-48bfb7782762", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-llap-server." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45de1088-deea-5ff1-bcd3-6eb604925a3c", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-llap-server." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a37bc640-cf20-5909-9821-e9184621ef0e", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-llap-server." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14a2ff35-ccfb-544b-823c-e99b3146cfcc", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-llap-server." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive/hive-llap-server@2.3.9-tuxcare.2" } ] }