{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:66494114-8fe0-5657-9686-333eb3f4d855", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2", "type": "library", "group": "org.apache.hive", "name": "hive-shims-aggregator", "version": "2.3.9-tuxcare.2", "purl": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3b53dcf0-1c0a-5cbb-9696-a709e2430075", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-shims-aggregator." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f4733cc-71de-58ac-aec1-3ce68480d5ce", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-shims-aggregator." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c07380d4-408c-5fa7-8d01-ce5859303621", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-shims-aggregator." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b44d36a-1627-5fc2-b2b6-90178207196b", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-shims-aggregator." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea6589a6-e73f-5d38-a31c-84b2cc852caa", "id": "CVE-2024-29869", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29869 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive-shims-aggregator." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bd1fe13-532b-58c9-be08-2c3f53f05cda", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-shims-aggregator." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d9010a0-0428-505b-857e-b82f11f8d75b", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-shims-aggregator." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc134789-2eca-5555-b861-3b542d8830bc", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-shims-aggregator." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c0ecf20-9b1e-5eaa-84f2-595597f505cd", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-shims-aggregator." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5feaa57-cacd-5689-b058-a737edac76d2", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive-shims-aggregator." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive/hive-shims-aggregator@2.3.9-tuxcare.2" } ] }