{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d87bd9dd-e586-5391-97fb-6f8c57eaf93e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3", "type": "library", "group": "org.apache.tika", "name": "tika-core", "version": "2.9.4-tuxcare.3", "purl": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d7319cc8-9c0e-5909-ae67-09395124d3bc", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0370ed4a-0ec5-5e60-b7a9-53ebb991a0bd", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f2dd023-97ce-5614-ba30-275c98c9d615", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d0b1c5d-230b-5fae-97a0-9d779235a733", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37489f86-7761-56ec-8986-835ac06bf4e7", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af877fb7-8ac1-5c07-8dad-dfc593d65235", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b72ce592-e971-590d-89c2-81c9a6c58e38", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27388ce2-f472-5ab7-bc18-098fedfb67ba", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22e0e8f6-f06a-5a04-8472-32b3d4f1c0f4", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:485136e9-5bad-5847-928d-0fdfdbdc1ec1", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de24487d-03b3-54be-82d8-e24a56f57bbb", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6833ceb2-dd5e-5f5c-ab0c-defc042c120b", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3840c4e1-d43e-5bbc-89d1-04d7047ed606", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4492aa88-786d-56ac-9192-1b497bbd3238", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:094cbea4-2df2-5231-b570-2e689b040540", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce5f5c4f-c26a-536c-83ee-7b845f9dd5a3", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e2ec40e-8a91-53dc-b38e-021ae9292342", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20cd9c34-adec-5b1f-9bcf-7bf0fa2614be", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8a94c5e-e3bd-501c-b480-e5aa929192e2", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55acc563-d5e8-57c6-ab8b-9880cbf0d29d", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71fe1b42-8442-5436-a0b1-32bdd8eb583f", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:59aa7c55-a843-577b-af7e-3868dc82b30d", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:589d4fa2-a77d-5120-9f7d-d585acb10fbb", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b412863f-e911-5ab8-a3e8-738142538b31", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:182c5fc3-9b7c-51d4-b1b8-497889dcfbc3", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:015413c7-1551-5afa-8d53-c07bbc7233fd", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:379a84b3-0a55-5adc-8f99-c8f01690399f", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:219d23ab-705d-51ba-adf3-e0f6c7c61b0a", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c01bca5d-4553-5af0-9184-75cbba8b4010", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4be0e7cc-6617-50c7-ab15-e8eb9ff36983", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a61515a-e436-512b-b100-94da68d6adf0", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9838f805-ef0e-5b1b-b7a6-40ff6e951b60", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04cdd14c-c401-5a3e-af55-a11d5da5c504", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:548b4792-d159-5029-a7c2-37ccc08158c7", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e659f2be-c785-58dd-aef3-c8c8ed36e7b3", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffeb7ae0-53a7-5c32-8e15-50446fe57e70", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54a31b1c-be11-5d26-98f7-7bf81054d458", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9cb1cad-8f28-5d6d-bf01-3473fb6b765f", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8865d15-8420-5a01-b7e4-5289b1432fa7", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb50e4fe-b2a3-5fd5-8184-dfce4245736f", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:380652d4-1818-55e5-b7cb-004798efb420", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ce95640-14f6-5690-a736-29cf525a4132", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ac0e31f-4711-5bd0-bbc5-7bd3e93d05b3", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2cb3e029-bd2d-59f8-a56c-4d0ea66706d0", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:390c2c23-2d2f-5169-a5d2-0aee46e3436b", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ccfdc41-046f-59c3-8bb3-8b868f2d8e00", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c89fdd9a-7343-5ce1-ab99-dc1e941e32b9", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92c7d866-a329-5a3b-a6b0-8eee63ae9ef1", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-core 2.9.4-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb1ebeee-031e-51a1-8a9d-1bbc535ab149", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea59ac8a-b12f-57f6-bc4c-290cdea3efea", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d8563a7-ed57-5ce3-baf3-b77083a67ae3", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:baba2f91-bb63-59a2-8d52-aa17702f7218", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-core@2.9.4-tuxcare.3" } ] }