{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2306fcd1-e38e-5724-92d9-9ed523b85248", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2", "type": "library", "group": "org.apache.hive", "name": "hive", "version": "2.3.9-tuxcare.2", "purl": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3d93003e-6b66-5c39-9412-95e38128c2c2", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efe397f6-3e9f-57e8-b132-b3dd7dd71309", "id": "CVE-2021-34538", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34538 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efc88d62-6031-52dd-81ca-7bea2404036c", "id": "CVE-2024-23945", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23945 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9741cde-4b35-5a16-b455-c6fba1d97e3a", "id": "CVE-2024-23953", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-23953 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f456f2a0-44b7-5b51-8b86-27bc18876dd2", "id": "CVE-2024-29869", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29869 is fixed in version 2.3.9-tuxcare.2 of org.apache.hive:hive." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d26cdf4-04d6-5d02-8e54-223e8cfd2177", "id": "CVE-2024-45384", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45384 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6664e37b-80e5-503f-9a31-bd1429636dc8", "id": "CVE-2024-45537", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45537 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40534f7f-ca94-5807-8612-bc3cd4af2f43", "id": "CVE-2025-27888", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27888 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94bfd81a-7009-521a-ac75-d6ce00e4c02c", "id": "CVE-2025-59390", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59390 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:324e4a56-82b2-5635-aa1c-0200b0c93c7c", "id": "CVE-2026-23906", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-23906 affects version 2.3.9-tuxcare.2 of org.apache.hive:hive." }, "affects": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.hive/hive@2.3.9-tuxcare.2" } ] }