{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bc25e4c3-9a73-5856-a762-b4b848192da6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1", "type": "library", "group": "org.apache.tika", "name": "tika-eval", "version": "2.9.4-tuxcare.1", "purl": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:39ccbb6d-7fa6-5f4e-a59f-06ddbd0a2e16", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88a4dd2e-8fe9-5858-86d8-21c5b5d804fb", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96563718-ce92-5b2c-b966-884ce8f81cec", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c879680-90c8-556b-81b3-c193bae24d6b", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e4a3742-a71e-557d-bda4-3e429930142f", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a27ff399-55da-543c-b3bc-e5afd90e8859", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a9e1251-d504-5921-b70a-8dad79c43043", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8759328d-8e6f-5897-ac12-1f47d1d1b626", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0944bd1d-2eb2-5d92-9689-36a379c46fe3", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:039a57b5-db15-5ef6-8acf-b5e3850a7d03", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19a26d94-9308-5854-be3a-d2fd607aa9c7", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da2685fd-a4b4-55c5-a8c1-fb0f77e4fb28", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c244a223-1e40-51be-893d-8455292b0112", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56a11066-93c6-5055-ac71-602cd19a122a", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3233f39a-2ec4-5c49-bc01-8046a5d39f38", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7c93de5-3ec3-58ab-b9cc-9501e64397e3", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:577c6313-d699-5a59-87d9-118d7e19779b", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e61f144d-4ed3-52f6-b1cf-6479077c8a26", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff9ef587-44ed-5dd1-8d85-657c87e88a73", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4818088f-b0bb-57de-868a-c10191476449", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d6d33f4-ff20-5abc-9ab6-d1425cb1846a", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb69587a-96d3-566a-a0c0-eaf0b72a44ed", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e27d4619-679a-568e-931c-f2126c8acdaa", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:022ebf21-0357-59ea-958e-596327c1a535", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee2e3c1a-bc70-592d-acdb-75e6b939d293", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29e3cfb1-6e83-51d2-ba5a-138029e44b9f", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0838c8e-fe74-51dd-b7f8-d0f91657af07", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cde7c6f3-83de-58d2-9c45-ca8ee9be4dbb", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b34b20c-02b3-5ca9-a1b7-644f809374ad", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0a40552-a027-5d42-8626-ea85822e57ad", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:674fd4b4-3e40-5ab8-b6a5-665aa0f3849d", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eeddb82d-9f80-5962-9c81-9c9a3bb11cb2", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97e6c46a-8ea6-5c22-8e64-6ff036fdee30", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1612c5a6-bd9f-5d84-8b0c-8c85fc978dd1", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f2ad4ee-e185-54f8-b8f1-be87c38bd89f", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cbe66c0-ba37-58ff-9af4-1036dcbcf509", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d48e338a-f817-5408-942a-7cbf05ed4b7b", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d82bbb15-2139-5c37-adda-57169a5b7b51", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa5eca30-053d-5b44-8d26-58c79a0731ba", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d04b91f0-9ac7-56ed-9d3c-5fcc04f8bc0d", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d71990fd-c055-57a6-9538-8de4bec9cd3e", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba69d175-896a-58e9-a16e-1cfb862d2352", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60fb4763-74ff-5d60-84d5-dbce618043e0", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb1b30e2-0ccc-56ba-98d2-f50e4a913d42", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f30ded78-01e2-5eb3-acf3-f4453d2d8585", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08ab5c24-0504-5d96-b8b0-9fd8e1a235cf", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:628f57b3-3a6e-5c0d-811a-feb203654e1b", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46e629b0-24e0-5adb-ac3a-37a184f91888", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-eval 2.9.4-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:acb10a13-41f4-55c3-9e12-0f958c4f4596", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:241f7b8d-0d2b-5a26-bc4a-8f7b6033b304", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6eff8639-e131-5257-ac80-3635291794eb", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb58000a-5ec5-5db6-9068-2e7062b8de40", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.1" } ] }