{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0dbb1d65-fff6-5070-87c7-bcdbe315d43c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1", "type": "library", "group": "org.apache.tika", "name": "tika-fetcher-http", "version": "2.9.4-tuxcare.1", "purl": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:09db366b-07b0-5154-b46b-75e262d31625", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b73341a3-12a8-5b83-b928-b1e762eb6452", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f6bba96-f823-5d19-8da9-10002f5e516b", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0a9f246-c4e9-53c1-9ccf-49c53541c760", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c225e20-e349-58c7-ad59-31fa9de4c4d9", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87ca6e24-3f5d-5d81-8305-6a5cc3345bc5", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59b33f94-e17a-5edc-b339-7eb88631deb2", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ca656e3-a22f-500e-9202-7caceda75ef0", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f746b44-fc3a-54d9-adc5-dd887cb9b794", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3d84af2-5b57-5890-a76d-a4a35ec8f139", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6226b7ca-9e46-5027-8b47-1da50c0d2d0d", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d3327e0-8396-52f0-9c68-c61cb1e5c6fd", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e63721c-f929-5730-973c-a6e736bbfad8", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60553cb8-80b7-5fbf-87ac-9a0326c863e1", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0aff140-f9bf-5680-8cb6-229749eb0b2d", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6326e31-73da-517c-8755-d19f60140d7b", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db088a09-c64f-5b99-bc52-2c68e92c2d81", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33a92e01-0f18-51a4-be05-2620d88e19b4", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3edfd282-7bbf-5060-8d60-1f384ed33b25", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76204fa6-4256-552b-a9e2-f30387fbcb83", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1134b3b-b950-50b1-b84e-5f9b69cb8979", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b53fd6a-528e-50ba-ae7a-1359fc1d23a5", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2921541c-27c2-5b1f-b50a-8b1645d3c0c4", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a72dc6de-bbc3-5edc-8585-184d0c33d949", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa921a50-dc2d-5a10-9d47-c39266535e0b", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20d2337f-666f-5481-99cd-ead88ae29e04", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a20d0f18-e49a-5618-91f3-91633c122a0c", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aebcf879-0d41-5f1d-835b-41fb08039983", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6094e20-2b83-51ef-b9b1-19f801432922", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc6f9670-19b3-59d0-9f29-c922b025326a", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8634e5a-82df-5fb9-9984-8875b25c8369", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:184cf60c-cff8-5bca-992d-bf05120bb171", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a88d241-8b76-5130-be6a-8197a5d1ce1f", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6c645e0-3bb5-5c85-8509-c1fc98b67b33", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbf24685-0463-51b9-ab5f-c5bca5f2a173", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf4016c0-ebe8-5744-9259-c0ff98b1f4a8", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76fc8042-5a30-5a4e-873d-67017d6bcd82", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33a44dda-3ae8-5c20-a4dd-65de69251a89", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21dbc035-d82c-5bbc-94f6-e2f6d4efeebc", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:394266a5-802f-5003-8d7c-da388c57a858", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4dd1e648-b67b-5548-b8fe-1c004ed65444", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1718351-5416-5bc7-a52a-ef01de8640b2", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3a9435c-47e9-5113-96ad-82e3fabdde99", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a20c86e8-46fe-506a-aeec-58de63d8706d", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e91b61bd-8f32-5604-b880-c38a88fe5951", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34518cfc-a0e5-5456-aec7-a0c8b89e14fd", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecab2f9d-0c76-5e58-ba54-b9610e0121c0", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcc59287-6554-58b8-8ee8-a2efc59cc54f", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-fetcher-http 2.9.4-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c300a36c-a929-568e-a90f-b1579c3678b6", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38f8298a-b4af-5be0-bad1-a4f81c7e9e02", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0ddbd3c-d155-531b-8143-d539e0256935", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca7dc8c2-898e-58c2-b215-6d65f1c26fc6", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-fetcher-http." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-fetcher-http@2.9.4-tuxcare.1" } ] }