{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d0726397-6965-570d-b134-c8151692c943", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1", "type": "library", "group": "org.apache.tika", "name": "tika-serialization", "version": "2.9.4-tuxcare.1", "purl": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fc145aa0-84fb-53fa-b12a-4fd19e194faf", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c08388fb-bff1-5486-8994-a9e5398bc7d8", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73c59fd9-4fa2-5e3f-bedb-06ddc20991df", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9282905-3f92-517b-8503-d5002c0615cf", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b2f754e-c488-5e4b-91e7-2fbc85a6bc5b", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80c1fd49-f8fc-5d96-ba61-35bd7775d567", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20ed97ce-4663-5102-96e0-a31915dd21ac", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8642e8c-9e20-5a09-a48c-e5a99cf9a2f4", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3389a570-111c-5d54-a2b3-a082b9b3c006", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd9f3868-7f35-57a1-b596-a2ef6c6c6c5f", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1321b443-141e-5fdd-876b-980cb3fd5a9e", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47ecae07-8cd7-5f6b-a055-a91137d6f577", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:496df256-a32a-5929-8e05-f4e6139541ac", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:422ad246-3705-55d9-ad89-280ff5b54639", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fe61890-980a-52df-93e6-61d0a6c0eb32", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:015219a6-f9b6-5a2d-9a99-0b80e65cb412", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1c8e55d-55b2-5778-9f7b-5e6bf94cecdd", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cdf6d18-1c14-50dc-9c6b-b35afb347e23", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:560250ba-96ea-56e7-a0c2-75ccd126edb1", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:171e22c8-a41e-54e8-98c4-29cb48342cf6", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2b27fb5-e4e4-5c6d-bbb8-e6af2ffbf430", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:150fbd03-e4ae-58f8-94b7-36fb20bcb010", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:380e5892-e1cd-52e9-8025-a6886d75d364", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a20da97-75d4-58f5-9518-815c6c7ecded", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0418c999-189a-50fd-be62-84c92a16362d", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a93b89de-3a5d-5813-aeb6-9fb77bf9dd32", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfd09c05-d2b1-5917-b762-e83f127cb9d8", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54ba61c6-6f6e-5b83-b6b8-66ff29d256b9", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89416cc3-3291-5d15-a187-63725e20637f", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7f30ccd-f184-58dd-9145-33adae59b6be", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76cb0b36-f50c-59de-8ac5-1e83c8b6067b", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00a3d03f-746e-52db-beed-78dda43f3876", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9e527e0-9b87-58bb-ba3e-6c448a0ab23e", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7be59553-1cd7-5db8-ad63-304cbb3706b2", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c909330-db39-5ca0-877e-e7fcce249f7a", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fca6fdf7-35d0-5c4e-9112-c4008c108bbc", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73c2a2b3-0cf6-5e9a-bd10-0722a0cfe415", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d235194b-504d-5d66-a85f-ddafc012e76c", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a246776-1679-5188-9fb6-b1c0e798fb8c", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:219f1d38-bfe5-56ec-8d0c-706cbd1b62f0", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:734e3ed8-f759-5b5f-b808-6ad1982ecdea", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c727cf2-1aa4-5602-a550-9262a327ae3d", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bd33a89-bb5a-588f-80fc-281e72c7ae38", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b09a9d37-326f-50d6-abd7-f4c5249f7ada", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad66cf35-bfc0-5cba-8d9d-62bdfb2edc14", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89fcebb7-cebd-508c-9720-eacfbad682ff", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9403f069-396c-52d4-bb54-30e499f97a5c", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:909acc88-021d-5942-aa67-97e1456f923c", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-serialization 2.9.4-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c50c97a-684c-540e-964e-2201f9cede51", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b8eb130-47fb-5ad0-acb1-8ccc2c2868ab", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01dd4391-fa24-5bc3-b6fa-bd836a5f825c", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e6d6bd2-625b-5a14-b554-03f8e6e693d2", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.1" } ] }