{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:62a3b6dc-b443-5250-9f32-80d33f71fef3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2", "type": "library", "group": "org.apache.tika", "name": "tika-core", "version": "2.9.4-tuxcare.2", "purl": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:04b3be61-21f1-5f34-b110-f5daae0675b8", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0baf877e-4b98-5d78-8f51-5ccc802f171d", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06db6438-039f-5b54-81a0-d938eac22ba3", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b982da1c-1b73-55bf-9a30-37480b74aff1", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c169f53c-2385-5b01-801a-f5570b61879e", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60522393-f814-5b4f-8d2a-3a0414627ea7", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:960094f9-1dea-5e61-80c3-e0b1f05fe980", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b50d510-ea5c-5785-8e7b-e63d6235ce41", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4477cfce-2c85-53ad-b901-3f4e90f4033d", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be333fbc-1a2e-5fd6-8c56-9e1038eddce4", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73276e57-69d7-5a26-a635-a5522ac06c00", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c8b2908-1dad-5cd4-84c8-d99f819f3cf6", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:769d04db-a619-507f-93fa-64a2dfc77825", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea4c59d3-fa9d-5b96-b704-feb798d9b479", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c0881f7-5242-5810-ad89-4a87074ba836", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a1bc0a0-f8f0-5d25-87e0-c8f5f03e5dc3", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64a982f8-42d6-51a7-935b-8a6502d71229", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91f910ff-63bd-58da-ac78-a187b0d8aa82", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d14bd8cb-2c65-5062-8966-5602947482d0", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c343424-6711-52e4-90c5-afdc137787eb", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba7f341b-a5db-528e-b88b-4398f08b98ff", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dce0632-6f8a-5bc9-9b80-63bba284ad42", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75bb8c7a-487e-5b48-8077-c4d82d61c94c", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80f41787-5c4e-5d6d-9e33-862d2a686cd9", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e49dfc20-d774-54b3-bfef-b5970151d03f", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f8c8d8d-6358-5e68-b6a0-3b38a5e6a88c", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8122d1c9-0ef8-51a7-adcb-76508b756d1e", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9d326a1-fef9-57b5-b626-86d629004ca3", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b770a30-6a28-57b9-9b32-b7d554a726b2", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76b07db0-2d28-51bf-bfe3-f29c6d6c11b7", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2db55eb-2e76-5fee-9327-d84221d0b88d", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2f79688-cd00-5623-b387-7e187bf48fc8", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9348853-4aef-5705-be5e-67d0323c130d", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bfc8914-256c-50ac-8280-b57400234604", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8450e7e7-9c8d-5bdd-8732-4721a70538ba", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ceca5dce-e9f3-554f-be9c-f077c0e85a73", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3ff2d9c-8909-5811-a4aa-75b326de0fc0", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12794f07-5a98-5bc3-8dbc-1a32ceeb355d", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:282ffd2f-2278-5632-8230-86ab3701f49d", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e3779d0-a75b-54f8-9352-fbdf3aefd7f8", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:225a825e-e3cb-5acb-9a47-70babd567a09", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8386af2-9195-5581-8f06-375fbba57e61", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab6a7c36-96fc-5a73-9d50-37c1486ac36a", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e555413d-f3b5-5c9a-b18d-766f22827296", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85e3d5bc-c007-51e2-8a5e-50d3ce67d836", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0b0396d-1fb9-52a3-88de-4b3e3231ff61", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3efa2fbc-b483-5869-84d9-632b816de5a5", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c66db3a0-f5a2-50ef-b1ba-14e5bf9bc69e", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-core 2.9.4-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25c53fa4-c353-5119-9ec6-6cd363d8005c", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1cdee70a-e25f-5b44-af37-8c4e8cbf84a8", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf9dc496-f5eb-5835-87f4-19a40e33ebde", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f0b71ae-399b-5cf4-934c-2ab6cef566af", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.2" } ] }