{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:31ee3fc9-a720-53ed-9afa-4d62ba8c2de9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2", "type": "library", "group": "org.apache.hive", "name": "hive-service-rpc", "version": "2.3.9-tuxcare.2", "purl": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:30185de8-9414-5432-a5a4-121fbd74fa07", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-service-rpc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1ccf027-404e-5504-acb7-b32635e55e52", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-service-rpc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60281527-7f82-5118-b4dc-7193c95df6c4", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-service-rpc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c44e95c7-afca-5df6-9b4d-795d2da52d67", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-service-rpc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:999cec69-3789-5c3e-a26a-925b3f1e7099", "id": "CVE-2024-29869", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29869 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-service-rpc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d44e04c-9f16-5212-a126-4197222af31b", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-service-rpc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72b7e666-d7cb-5fb3-beed-04c39696ae3b", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-service-rpc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2173574-3af6-576e-b1f7-a0684e675003", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-service-rpc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5adde69-5317-5893-813c-1f049d9e32cc", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-service-rpc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11f67345-a3b0-52e5-84c1-da802ec9647f", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-service-rpc." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive/hive-service-rpc@2.3.9-tuxcare.2" } ] }