{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ea610d7a-15cc-5d2a-8766-2bea248ab929", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3", "type": "library", "group": "org.apache.tika", "name": "tika-bom", "version": "2.9.4-tuxcare.3", "purl": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7a4017f0-a082-5510-9bce-30429fcdec60", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20f798bd-aede-5256-9770-2ed9f372764f", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ada9ca87-054e-5ac8-93b6-43b80ef1e358", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:145ec168-73bd-5f27-aaf1-bfd5f2fe39b1", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a1ef5dc8-21d4-59dd-81d3-27f0003e3341", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bbba12c4-aece-5931-bb06-76d22a4ad09b", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:178fd484-6751-5dd0-b1b5-e959ed87575b", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1b6a45b-a8b3-54da-92b0-eabc1d0e8238", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30499fa0-fc1e-57d0-ba5f-85750365094d", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1eee61bd-54f4-553a-902a-3724f898ade3", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f931d679-6ed5-53f5-9bd2-d8322ca9a488", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c067ba9-3f6b-5a20-a1b0-f4a5a4d34440", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:08ebd23d-c974-5bf8-9569-dcb58288b166", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e72b7c1d-f4bc-5aa5-80d2-2f759853609f", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0aa7387e-537d-57c6-8ddd-fe7105e76720", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36577744-692f-5549-acb9-494a1f48e623", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed572ddc-b35f-5053-aa01-46261ffcb981", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40581abd-ad07-53b3-8fc1-1e919d219fc4", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb429653-0266-5673-855d-55d2386c7a10", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:21ac9f49-cb84-5b6f-95da-45fdc523249f", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1452d75-e2b3-5b2b-94e6-8a27279b5301", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ce40499-f03e-540e-891f-9d82b8eb0053", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b159361e-65d5-5c96-9e9d-bb622cc16b8d", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba43dbf3-0b0e-5d4d-9afe-7536c438d35d", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5fe09720-053d-5e07-a2ce-4beb6bd530f8", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a98f425-5408-5ed4-a2ae-d8678dabe066", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43240f4d-bf30-5fac-a2c9-682b920e5ae5", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2077d64-c346-5a7a-86bf-55272405d017", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:169641a2-c52d-59f9-a968-249d4ae18496", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4889c23-a761-5b1e-b5b5-bb877499fd2d", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25139200-3ebd-52f7-a263-da2379ec1407", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13d290d2-6abe-5474-9694-bd59a7c9ff7c", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:541e4eb4-178d-566a-927c-b3a87638eaa7", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:248d52ec-b772-5755-b1b5-32327306f4a3", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06804147-d90f-5931-b5c0-efc603668b44", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a71b24cb-96e7-5a7b-b8e1-87310d111472", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b3fd826-afac-5363-aecc-d52a4bcb2312", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6e10b8e-ec1b-53d6-bbcc-18d8291ae8ce", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d188c3b4-c6ea-587f-906c-28c4255091b2", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8fc371e4-53dd-5f65-b0b7-0cbbcef314ed", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa34d2aa-f7dc-58dd-ad95-46d9e4dbfdb7", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7ed314d-9ecd-5e81-8fea-836ed4a4721c", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f06b135a-b9a8-5901-8ad5-25e449ee5ec6", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44fbfe63-43d6-5cdd-b6d2-4905e0dd824c", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d42c62b-fdce-5fe6-a3e1-a92f9f78712b", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32a34ed2-029e-5bae-809a-1c46c3a54895", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61ead728-ad21-5a12-ae91-96ebdb9fb8c4", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04c88e3c-449f-5091-a2d3-44f3d05e9cd7", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-bom 2.9.4-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ccd91079-d7f9-55bf-861d-f7cccab8ebbd", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5c2ade3-1c2d-57f9-b359-a38f31d59f68", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:100c0ec9-d4c3-5397-8eb5-d05e7fc928fe", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:974190ca-b3ba-508c-a1eb-289970cb2883", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-bom@2.9.4-tuxcare.3" } ] }