{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:27a611a9-38ff-5237-89ca-e7c6cba3ef9f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1", "type": "library", "group": "org.apache.tika", "name": "tika-server", "version": "2.9.4-tuxcare.1", "purl": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:89a0819c-dc88-5446-b4cd-80bf1613e338", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a065018b-61b2-579d-8a72-4ad6f92bda78", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a69cb2b5-dcc9-5803-980f-c8838f0a4da2", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:314bea94-2d18-5cb4-821e-681b59a20f9a", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc60d14d-fde9-5ba3-ad0f-b3ec82d93bff", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f6fdf37-73f7-516b-83ab-d8225c507454", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05a2fec8-0242-583d-b39b-e629209b2e7a", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45e3a8a2-adf5-51ed-b557-38527808c47e", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31612abe-e6a6-5af2-afb9-70ff8312837b", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31018924-680f-533f-b150-a1f6af2e0fce", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7614c450-3a55-5e7d-b4c1-6aa5f7352da3", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b941fa0e-eda4-51c5-9acc-5d58603b046b", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1fd470d-8238-5ca5-9aaa-7f0c317a2dc5", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f8f5e03-b99f-5454-b797-5fd3bcee83a9", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43116b28-4fd9-5e08-aa45-2ca1f40a27d4", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6090d8c8-46b7-540d-920f-fcc6ab32830a", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69f7f626-fc8a-5ae5-8a10-01cb4da24633", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a16b1be-d58a-525b-81cf-f19d0ced07dc", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a183c66a-5db6-57c5-92f7-92efedba973d", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:239169b8-e26d-5e1f-b5ca-86131df68578", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73d0311f-f704-5eb2-acff-3dd76b9842fa", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbf1998f-db60-5aee-b8c7-0742e325616f", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fab30846-2302-5a25-884b-111ae4369d10", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5dcac27-34e6-5d80-bac9-306fb7f2a900", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6a210fc-ae47-54f0-8b3b-0a44865d8608", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4b0bf06-0acc-58ed-8740-bf3e0f61d1b7", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e23572c-ca08-5f4e-9b24-32630e88ba3b", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd40eedc-83a9-505b-832b-32b92c51993a", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4497a39f-f741-5cce-aca3-aba2c4115b90", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e783889b-e813-5749-8fdf-93dc0e975cce", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7289e005-188c-53ed-aa33-0939989faa52", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a139dfc-94ba-5b65-b5cd-0bceb7b41099", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f929ece3-afb7-5dbc-ab98-1580a6b27346", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:974e39ed-a601-5429-a357-900c0e7f4973", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28a55efd-c285-563f-b945-a450620ddbe3", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2b9cc02-4ae4-50d6-9a1d-e48008d22d3f", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59d5bb53-34ea-5aa0-a71b-1c09e9afce04", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:503751bb-b6ab-55a6-a625-3c19f0b0c007", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a413b462-dcb9-55e3-9aa2-fc2649ca69ef", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84ec128c-4b79-5fb6-befd-c26f533d674b", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:205952b7-e416-54ef-ab9a-f7d579e7cb50", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49e1cf8e-c55b-5a73-9c7e-003e04329e73", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c20e3024-33e5-58ea-845b-e09dba106bda", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1bba367-2881-5b8d-991d-09e126c57561", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dd60647-0e71-517f-9612-8da01e247425", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca983a2d-05e8-5cd5-8732-19fa50c9eeda", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1c01a8a-155b-5389-a0d1-13e5c1728aa5", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:731a445f-5642-55fe-8741-6f17b4e2cc21", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-server 2.9.4-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8c227e8-f6a7-511b-8a75-adff7111342f", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97f067f5-841c-5df4-a61e-04ac3aa1b746", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4304a593-a56d-55a2-8cdd-64b9e04bb773", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65c4dce3-c21c-5abd-8d40-29c9732b64bd", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.1" } ] }