{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e3834a92-d065-5d27-af4e-9d17bd99bd74", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3", "type": "library", "group": "org.apache.tika", "name": "tika-app", "version": "2.9.4-tuxcare.3", "purl": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8f44acde-fc97-5801-9fc2-55dd06c49c8f", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7a5b09d-5d14-529a-93c7-d8b241fbfe21", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b6d4027-a2eb-5ea7-9411-26c5441a3f3a", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1fa45ae9-df03-500f-8d68-9f21ca2e3338", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7073579a-063a-5e0c-ac91-b1b27d28ee0c", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c71622ab-7482-5b16-ac4f-1ccd7a4ec799", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f95c3db-9c8c-597a-bb39-962c96ec31d2", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a28e06f-a8f9-58fc-a5d2-d9f8ab2eee7f", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd1636a2-4c26-561e-9a72-8e421fc65f61", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80a0ae09-35fc-5fb0-8234-be7996961016", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5358401-98fe-52d0-bd98-b2039089313b", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6284cdb-3884-5b3d-9889-01324553afeb", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c59569d7-f356-5481-9773-a9c4bb0fb904", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cafa685-b5ac-5ce0-887c-22af6cc43a6e", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a424b794-8cd3-51a0-acd1-197245dd500a", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84712f37-dbb7-5f6c-bab6-84dcb4895676", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07a59ab4-b005-59cc-83ce-da9c84563cf8", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12bcb80a-05e3-5671-b87c-142e6c96c638", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ca54566-2870-52c0-8a66-773dcdce21a9", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:404d5620-961e-591f-a075-bba87a59cb3b", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9182e6cb-7046-52ed-9921-047e4d7ba005", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:654118eb-b5e3-5ea1-a30c-b32e58dccfab", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1164030-ed90-5403-85f6-39e6cdbfed21", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6fe8da7c-a4e4-5377-a73b-2d6d007e5a43", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a0f9717-0b65-5328-8386-bf4fdf21741a", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce31860d-83c9-52f8-8b83-5e0c2879cd55", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19f9790a-ecb7-504a-9849-511ce59631fc", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2afb41ca-0d7e-5f25-8a28-c542900073d8", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c10ba26-f393-5710-9d73-bcb47bf19234", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78897690-d7e2-5c20-b26d-7aeabfab01f8", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45710e67-6f33-5f04-9504-fafc35c6717b", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:14357707-3bb9-58c4-a75c-decf9c41d3c2", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ceb3cf2f-2512-5ca8-a197-deffa135f04e", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2b6c8c0-3ec5-506f-9bf7-a17ca669f75a", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb86b4e6-bb03-5410-9bb9-f12dcd80a90d", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6568697-7780-581a-b6ba-14040270508d", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3f5a4ec-34ea-53a6-a3a2-a5a8bc917edf", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c36e3685-d7f3-59e0-8663-67ed37dd7f53", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4d9208a-d1a2-551a-a808-176048d1071a", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75d7024d-9239-5aec-af28-f73994b8dfc5", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17910157-56e5-51c5-9064-bfd8de51280c", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f84ee0e-12aa-5f63-94f2-a4f268a7ea82", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2abe4fe9-a6c3-52eb-bc6b-343a079d7331", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8cef11be-807a-5bcc-9524-99709b755819", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00e6c420-83e3-5ac0-b91c-b67f0f8944b9", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55429bcc-ad5c-5883-b35c-cc66e1c097ec", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6290ac99-8538-516f-aaeb-360ca0c4c4ee", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70dbbd60-754b-56d6-86de-bfa9e3d6729b", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-app 2.9.4-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3114c079-4ffc-5ec9-a403-7faef0904393", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b1ace9f-c0b7-5216-a4d1-2861b9537e40", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe45f19d-0e19-53e0-b555-5fdff4bb3e0b", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:162ff858-3959-597f-98e2-858555c5bdd0", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-app." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-app@2.9.4-tuxcare.3" } ] }