{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5b9e78c2-bca5-55fb-b881-a6c875105275", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2", "type": "library", "group": "org.apache.tika", "name": "tika-bundles", "version": "2.9.4-tuxcare.2", "purl": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c7ee50e4-ba95-592b-b351-ae222c75e22f", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef917feb-ddca-56cb-848e-b6870dd20876", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ee6e232-2ca4-5ac3-97f3-535426560b45", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:394c2784-92a4-5baf-817f-cdb0be8990c0", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:611dc935-3ac1-510b-994d-65d7b7ff453c", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11e88b23-856a-54a5-8c7a-aeee9117a7a6", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33b9f2c1-df53-5151-8e10-3087ecd0fdf3", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9231dfe1-e5ce-507d-b54e-d8450893f365", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1a7858e-cab1-5d1e-8854-1d804b1453fa", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46f298fd-1c55-5fe6-94bf-08311dca57be", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f906611-60e6-5acc-b4d8-49cceae1acd9", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2490908-85f8-58fb-93e4-8a809bc18ebe", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55b99f81-6d9c-5ab6-bcd4-cbec729824ab", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:586f3165-5cc4-52b7-b96f-9d5d2f349d60", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8d478f8-6387-5afd-b3bf-f8c00ccbf878", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f98d937-14ee-5d49-aa38-80388c1d2d7f", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7adf8295-db15-5ec7-a77e-604b0d272555", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45021686-e7cc-5828-9008-013e062d4d71", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90258c26-adaa-5b97-b412-420e51114de1", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d441fbb7-b24e-57f6-8ddf-678877ad16e9", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a69ec449-7894-59b1-a436-2726196d8020", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a11a2fc-0af0-574e-96f6-70b0a12c0dc1", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:376bc175-c267-5a08-95c0-f50ab927368e", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d43800f2-6209-5e7c-870c-0982e5638ed8", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86b5f900-8355-580a-9a24-f1a97b0164a0", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09efd91f-a49c-5e6d-a303-c88de6d7ef5d", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7156d6e9-e258-55d3-8d94-35925dee01b4", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0597484e-25c6-56d2-9eca-9ee1dd6f1dbe", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b43f5408-432f-5aba-b1b1-f3192f750327", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ebc8533-2431-524b-8dc0-ad8aa4be4c16", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6430fa81-c387-5504-b011-ff7e5e9b1ea3", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e27466f-6cb6-5e10-9235-53534de2e5ac", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e5958fc-363c-5610-9e94-9c836b266521", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:480701d1-0af8-5c2c-897b-d3bea3d81a47", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77e1876a-12ce-53b9-9aff-69f3967b9c20", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45ddf45d-7e28-54db-9f55-972eece2094a", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c5866b2-a898-5717-8dc9-b0a8c2fa70cd", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9de9ec3-0ef9-5b93-b4fa-9b208ce82fa3", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60143860-6ad4-5e57-a48e-5fd0c7d7a2d2", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56f5a102-c0a7-56bf-bef4-655bb84b7f5c", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab888c18-0696-5e10-b8f8-3876fdcce55d", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1042f9ba-6c55-5fe0-8d2e-8ebf789efd2f", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a1897c1-4025-5114-9424-df4bfd579183", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37944206-01dd-5c0f-8dc8-d54d2c2e6220", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d26294e8-f379-50ea-ace2-a56a9eb90ea2", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7727841-fe70-535e-9d2f-6b5a7255739c", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0fb2af3-01d2-5841-8afc-e8bb7750172d", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:920566d9-2292-5d5b-aa95-2211cad83702", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-bundles 2.9.4-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:722602ea-f6b1-524f-8f28-eaa9f7764ccf", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3eb47e4d-baee-538e-b77b-e202c2b0164d", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e247435-b4a8-5898-a9d0-9259dd2acb88", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e1609e0-a4e5-5bc4-ab9c-1b52495454eb", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-bundles." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-bundles@2.9.4-tuxcare.2" } ] }