{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:41e5c9a2-0922-5c52-94d1-f27fe0182eb4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1", "type": "library", "group": "org.apache.tika", "name": "tika-core", "version": "2.9.4-tuxcare.1", "purl": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:207ccb58-c48e-5315-a03c-c4a779f7f451", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:716c1cfd-7275-5793-98d4-f4e4f34f593f", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a26b50be-d61c-54df-a208-1f9cd03caddb", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:add939f4-e9f2-50b5-b6c5-4bafe04fd2da", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60b39268-f7aa-583c-91ec-a8f781bd34e3", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa5c55fa-2578-59ff-b255-8115d722b9ac", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2800a3d6-697a-5f5b-8c7b-0240a37f077d", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03ff6e52-c56e-5708-bcbf-58c77ac2d0e7", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a6e21e0-2717-527e-a48f-f7875bfaf571", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67f6e5f5-2a43-55b8-a2c2-3d22168b465f", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27ad1d80-4ef4-5c5c-8922-3a0df19a6fd9", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf6fbc96-b114-54e2-85f2-9e61263ed08d", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f2c97f4-1770-5a56-9306-38d1b08f7c36", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26cc293d-d291-570f-8b22-c3913b767a74", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3862e8e-6a1b-51f7-9b80-18f5760f77fb", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ae94529-4c31-5b7d-b9c3-d9b3f8cc8401", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6940ee2-1b07-528a-afe7-703020d3252c", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a028cba-a71b-5cf8-bce1-d64b8b9f67f0", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b3eac08-3499-51de-bc24-3c6423a09b4a", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c916ce0-8238-5ca0-a177-ea0202b76396", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f51b794-b976-5b0d-833a-ade0303632ac", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa5541b0-8a57-5fd7-bb7f-7082e87fe667", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53306c50-5a6a-5d65-a70f-cb96d99a8b68", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a1487b3-16d1-5c86-89a3-be08cdf2d07d", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:421f179f-e9c5-52b5-9b46-9fb7d31a14bd", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46981119-14a5-590f-8165-960f00c37975", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffcdc828-a784-5756-8f91-ee7149ec7f38", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:529cc862-34e8-5494-95a4-bea0da10cd44", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dee05212-e096-59d9-843f-62a03335391e", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74096f54-a1d6-500d-8b67-e359888e4df9", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0569ebc3-ca72-55b9-8aa5-556e8e9754c6", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b42ba980-ab08-5290-84a3-67e73b2880e9", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ce8edd2-acc9-5a87-9d40-3f975dbe2068", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c8a18c7-6a99-5ab0-b857-92ec34de3f26", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e080b915-51c7-59d4-8bfe-421c8c117d0f", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f147eff-27a9-5e46-8ea6-f83dafe45ec9", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4ed2c48-afdd-5c48-805d-246c7fbc505f", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d4bb37d-065e-5d22-b7e1-a75b75fe9f39", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5a18060-631b-570c-b861-2dffd46d95aa", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf04a947-7075-508f-a43d-4035022118f6", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85c753d5-f04a-541a-a0d3-c05f0bc23390", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86687091-d828-5721-bd86-838ac33d3052", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4447b71-e8b7-5b08-9094-5ad25d08d0f5", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ccfa4c22-9ab5-5532-bfdf-cc094faffcac", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2514e413-7c9d-50d6-9d86-7ffb5e98428b", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6469c280-f539-5769-b9a4-0ba53403698a", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2687763-73d9-5f73-8a4d-769431c58a73", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50a93f13-465b-5fea-a9eb-bbac4c746d2f", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-core 2.9.4-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52c01746-d236-5835-882a-e6a4877320ab", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6655b55d-60fd-58ab-b498-80f0fa9cf8c4", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88e52d96-4a76-5903-a60f-ed72bcd8f209", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e15d189-5998-5ace-877d-e1ac855b1fc8", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.1" } ] }