{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ee6f2eeb-0de1-52df-89a7-aedacdd9723f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1", "type": "library", "group": "org.apache.tika", "name": "tika", "version": "2.9.4-tuxcare.1", "purl": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e8a3c82d-827c-5564-9421-1718c00816c0", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eec6003d-a3f0-59c4-aa09-45adc8db5fb2", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1af14c0-dbd9-586f-b92e-dc9627fbfbaa", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:257eabd9-e91c-5a31-befe-4113177990ee", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c626a44-abc7-5da3-a532-3080e591e6f6", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a5c9dd2-91fe-58cf-990c-bc98e1c2415c", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8228e01-ae00-5636-9fb7-7b2d53d01947", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4fdf8f8-b3b2-567e-9e50-6917850b01da", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:636f73bf-f469-50d4-9426-26b0a0792224", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1af32acf-80b3-5042-9d40-cf54b2cdecc3", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b99fb5e0-c4e0-5ac9-9c00-5fd2ae42d3bc", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98dc69cc-7ebd-51c5-889b-6f5fa5d12e68", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2e3dc31-ca3c-54c3-92f7-50cf79ed114b", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a56e327e-60b8-51dd-a8ff-068075cfed88", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5ba8f97-1e3f-50f9-a6b7-852eeecc564d", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d78ffb1e-746d-561c-b2ae-cb9885062e64", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a8ec2c5-1d9b-5890-8700-22069a197b09", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b995ba8-6cae-54da-96f0-f4ef548790b9", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecca9472-c1dd-5653-91bb-713d8448f311", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3dd5c0c-ed32-5238-927f-30237cb459a2", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1fbb128-0330-58d6-84b0-d222e96cc2c2", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07dee913-5d60-544c-9d26-2b4504a4e2cd", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46cff3bf-1b53-56e5-94a4-7901dcfe356c", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c1984df-2137-5da5-833a-904c71787a68", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f402e75-9465-5a3e-be16-56c648e6829e", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fa0ae66-dbff-5e76-9b78-40a2a8f663cf", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2a76fea-6393-505a-8c5c-8ab2db0a42f4", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f1dd0df-b5c3-5d96-9ce5-7a5f1ad65e2b", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36818547-7eda-5b33-9c97-ea5a529fee0a", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:391ed98c-0a04-57c3-9dfb-158f51531a17", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e64f0cc-eaf2-5867-bfd6-0d109db10fac", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cec8cb92-2796-58fd-8012-332d8493d602", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80d28b81-c918-5b9a-a4e7-c21df59cfa06", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a44daf0-ae5f-5a4d-8f4b-657dbbd30106", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:969cb1c8-770a-55ce-bbb1-b05f7ced77e2", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32089ee5-348b-56f2-b9b2-f8522a475edf", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3d96a87-3bc4-574b-af14-e2349cd1a79c", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7b2c8af-5f7b-53c4-b5d6-3f814b743f62", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24d5abe5-f4d6-5548-8579-504bc455be32", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ce21305-43b1-52c7-9bb8-de2983a743b0", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ded3d12b-5283-5897-a305-f8319015cb7d", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6002a822-d9ff-5cac-ba9b-2f9eed20b5ff", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4143e0f0-cd44-5f0c-a0bc-280bc7abe50f", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90e46bd7-58ab-56e1-a6b2-7a2dda0ad74a", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8834846-a026-59f4-9e89-0726d872eb18", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3551f2dc-1080-5297-9e27-b41e2d188ca6", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2537f701-1996-558d-bfda-13d7b0728295", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6061a5d-eadb-5d2f-98c2-b2a7d9bea671", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika 2.9.4-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:284d9c14-8777-5b58-945b-0ec3edbd4c6a", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0466e559-2449-5493-9e54-8c553beeb436", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02c4e62f-9539-53f4-9136-4cef3d3c55fa", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cc20e75-04f1-5a87-a30e-366f37833547", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.1 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.1" } ] }