{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9b6dae3c-c4da-552a-a1e8-16d9ccdc4a18", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1", "type": "library", "group": "org.apache.lucene", "name": "lucene-analyzers-icu", "version": "5.5.5-tuxcare.1", "purl": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ebf05e52-e413-51a5-ada8-0eba1fc5dae4", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f2d0349-28ce-50b3-a22a-ba26b123f5bc", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f7bbaad-01bf-53ee-af2d-7d16a3c82532", "id": "CVE-2018-1308", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-1308 is fixed in version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e483a8d5-22dd-5e3a-9788-a3dd66d6e5e3", "id": "CVE-2019-0192", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0192 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47f22944-dca4-5492-ad4d-f4b39172f29d", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b02a2f9-c6ec-5620-a81a-62f4e516a12f", "id": "CVE-2019-12409", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12409 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37ed97a2-c7b1-56e2-97bc-e38f41c02cd0", "id": "CVE-2019-17558", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17558 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df9ac47e-682f-5130-b71c-161b921e55dc", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22f2d6e3-1640-55db-a97a-20741545d61c", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66cad685-440a-53d3-9e28-6b86a07fbd61", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fafa455-0480-5c43-8297-19b1827644c7", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d765e88d-196c-540f-91a9-b541aa632745", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0026cd6f-7e78-58c9-9714-6070a460f4ea", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54b6399a-d08b-5331-be10-fb2201e74a81", "id": "CVE-2024-45216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45216 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b570744e-fe2f-57bf-b467-a746365ba1e2", "id": "CVE-2024-45772", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-45772 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d6c98e3-ea69-5d36-b177-4553b5556494", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:238501e5-198b-5f71-aca9-c8d06232d0ac", "id": "CVE-2026-22022", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22022 affects version 5.5.5-tuxcare.1 of org.apache.lucene:lucene-analyzers-icu." }, "affects": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.lucene/lucene-analyzers-icu@5.5.5-tuxcare.1" } ] }