{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:32c5909b-330b-5354-9557-4b43b3d0be09", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2", "type": "library", "group": "org.apache.thrift", "name": "libthrift", "version": "0.9.3-tuxcare.2", "purl": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:32472865-4369-5101-ad98-accacf8e7e52", "id": "CVE-2016-5397", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2016-5397 is fixed in version 0.9.3-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49b46017-6f91-5f32-b519-fc6688b05c4e", "id": "CVE-2018-11798", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-11798 is fixed in version 0.9.3-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a0fcefb-795f-5446-b39c-a4a6b608ba80", "id": "CVE-2018-1320", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1320 is fixed in version 0.9.3-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29fe2d6c-1c65-5b15-9e11-7a3be399b4d2", "id": "CVE-2019-0205", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-0205 is fixed in version 0.9.3-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:649cb767-aae8-5a86-b06f-02129c62bf7a", "id": "CVE-2019-11939", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-11939 affects version 0.9.3-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e167d3a2-0fcb-55e9-846c-1ec0dfed9802", "id": "CVE-2019-3553", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3553 affects version 0.9.3-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ba550ab-5db1-5db0-bcca-0772a2190eca", "id": "CVE-2019-3558", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3558 affects version 0.9.3-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac92066d-6af6-56c9-8954-327d88b87801", "id": "CVE-2019-3564", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3564 affects version 0.9.3-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5df63ad-5513-5ad6-a167-1a64b2bdfe63", "id": "CVE-2019-3565", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-3565 affects version 0.9.3-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31b39606-fee3-5d5a-aa93-01d71333451b", "id": "CVE-2020-13949", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-13949 is fixed in version 0.9.3-tuxcare.2 of org.apache.thrift:libthrift." }, "affects": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.thrift/libthrift@0.9.3-tuxcare.2" } ] }