{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b9f5d568-895e-5b54-935a-073fe78ad5d3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1", "type": "library", "group": "org.apache.tika", "name": "tika-xmp", "version": "2.9.4-tuxcare.1", "purl": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:19f1136e-39b6-5fd0-80dd-7dc32005f28c", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1cdc7f40-bf3c-554d-9f46-2df99a362f86", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3bbf619-48f8-5407-a6fb-c8085c6c1bb7", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fdbc23a-88d6-5890-a9b4-7583be507df5", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d005259f-5108-52a8-8869-6c34a813a973", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00f69f1a-cb43-5b22-808f-ca70c2f43ffb", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04efb280-9ad4-58fa-a8f3-7c77df7aa850", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b125f7d-287a-5ee9-82e9-4d54ecb0447d", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1e33051-4916-5cff-8afa-175df79d785f", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9445a32-2745-5b88-a8be-e1f7922db788", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:040930db-bc42-5c74-965e-a43616e27f3f", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef527c96-366a-5883-abdc-ccf2b17eb444", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8510de1a-3d3b-5c40-b023-d46e97e8a5ee", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ff3337d-ce16-5647-80cd-ca26ad68d373", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b17ed3f3-8f7a-5a54-bee7-151503fd580a", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65055943-664d-5e8b-bb58-d7102b1fd53f", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc795891-0f05-51cd-a878-bfca4577f76e", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14659de2-bed8-5083-9a4f-a4c1de539e2e", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ebe77ac-e62a-538a-9748-aeb8a6dea087", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7ee36d2-f33a-5d4d-ac56-88f7c7763a3e", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c1ad990-f2b5-5fd0-b11b-8ca12530d298", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fe47682-e5d7-563d-bcc3-81de9ea5d78b", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e80ad693-4a01-5f38-b67a-c73c445bed6b", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c261ae1-2eee-5de6-b029-164ff09bbdf5", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fc8a340-ef22-54ed-baa3-fd22c99a1f9c", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90b52a16-bbd1-503e-b287-16829b514388", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9fee7ce-e1fd-5fa3-9698-0582d5cfcb09", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ed20971-3c69-5c2b-b81a-c45eb9ec5da5", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6d16d66-313c-59a7-989b-b6fe1156270d", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d7463e8-1492-5c22-9d3c-c363f75f50f7", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbef5f07-3e2d-5f77-97d9-22b698c907e9", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9626b97b-71b8-54b6-ae25-fd5f9a0fd6ae", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90631700-4c0f-5e16-a60e-30c8466f10ea", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88d2129c-4377-51f6-aeb6-3734af937ba1", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:092227c2-320b-5ab9-aacc-cd96b6a6788e", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b99ba3e-a268-5a40-a933-0290e63db873", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0305ed21-7eb1-5cdc-aab0-a76a89af567a", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e963282d-8d42-5e20-861f-971e80b090f8", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b4bc79d-b1b0-5aaa-9265-eb52de8e1c57", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93aefefe-7472-5027-90d5-2d84c8139fc3", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b0d3b13-de15-581a-a5cc-9795a247c6d8", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0641f46-2624-5f25-9c71-ec0779ce95a8", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bbf8d29-5c2d-5642-9c50-97013c656985", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb2acda4-3d3c-5c1a-850a-e1bc7d829e7a", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d21cae3d-f7da-59f9-baff-4a575b83b33b", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68dc456d-1f11-5d4c-9e2a-8bb37541a592", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d628ad60-df6f-5a9e-ac6c-c2eba581886a", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43fccc65-b275-5f17-b4e8-d408fa2f68b0", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-xmp 2.9.4-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0892d6ab-cab4-59b7-ad18-d3f85697724b", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2e57de0-436f-55f3-a728-589c092a45fc", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cedc228-022b-5729-83a1-668ad32a380d", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cd5df8f-bca7-523f-96c6-ed27b7f438c2", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.1" } ] }