{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a22e8b2e-e6e0-5235-bb52-c460fb7c931f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2", "type": "library", "group": "org.apache.tika", "name": "tika-eval", "version": "2.9.4-tuxcare.2", "purl": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d0409831-1110-5af1-921c-4470a3b6608d", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3be87728-7bc8-59bc-aedb-7a225148df7d", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa8419ba-5491-5669-85c1-14afb727f661", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0a1dce3-43a8-5f58-81eb-cf5035aa53e8", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3dc197b-bd72-5193-819a-19d724af57ed", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3928ba6-3ab2-51ed-9c41-d9f36fb579f4", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e87ceb9-783c-5778-b717-9de90c3d9731", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0eb2edd-aca9-5a9d-a132-563e7db88007", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24313e11-2b3d-52ac-bf0b-32a962c3fe1a", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34bfe810-7040-54cb-b6e0-52d930143c53", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acb8cd1d-2d8d-53a0-8c32-566381e81a46", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91a47e97-f508-5432-80e8-f331a85e2d0f", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a884d0ac-b192-5cd0-928f-c10007dd3c48", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e892aea0-9ffd-5e14-ac83-84a8006fb45f", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97469b8a-af2d-505e-a9d2-9609d41666d9", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9dd4ed5d-a3f0-5e16-80f9-4910d2108a70", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a5b82fe-a66a-5a7f-8f63-7398764db0e5", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dedfa94c-43a6-537c-832f-0e2a232b33c6", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6eb3f978-5127-5027-b92b-cd917c7a9a0d", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf435858-bcfa-5cab-bd42-5ed019b4ecb5", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a49fc5c0-cc6d-56ef-84a4-edb10d59d2b4", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8398b1b2-04d3-5e8e-936f-59ff083c64eb", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac68c449-991a-58db-8905-aeccdd8707cd", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69bfec56-8571-597b-9ee7-6ae9ce2c2b52", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cae8b754-e56f-5422-b829-09b87e9817fb", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:075c633d-d438-519b-b7f6-9c523004c81f", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb2c3244-5f8c-5893-9b21-fb5e9ddc979e", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19128e75-e957-5187-9011-8ca2dd25bd55", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26c3734f-809c-5170-adfc-2018a3c474e0", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fb77050-095a-57a0-ac60-b68725ea0559", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2884faf9-8660-545c-bbf9-a3c02f7cfb50", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68dfe78a-793a-52e0-adea-540c5b4d9804", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d692014-fc30-54f9-8a08-eaa89313a466", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2304ba37-e260-594d-8e01-eda83d4f0b5b", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6941310-ca53-5a7d-83c9-432b178671f0", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:053c9a82-2bed-519d-b7a2-a6a4491fdf1e", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76db8b2c-fa7f-55c4-839e-faff98b689d6", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd5684a7-6249-54cf-9c29-d83f87955fc2", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b0908160-6eee-50fc-b865-cb738bd89561", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:759aeded-b83c-542f-9abc-c99bec39df3c", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59ab0744-2994-5f07-927d-52d43e429376", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a289c67-75bb-5d5b-b13d-bb3fb6a4747b", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9274ef47-fa3a-5290-965d-6acabe816378", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b674fcf-8d1d-5658-ac98-bc632b6e5dac", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f399fe3b-0b97-5993-b979-e913eda6718e", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45d615dc-324a-5d94-8b27-1d3da3664800", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e50e7be3-4b0b-50ef-96d5-10ad4cb1080a", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fc434b9-5dc2-5548-b08d-9409543c696f", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-eval 2.9.4-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5cf3c89e-380b-5650-8784-ea8b15ca300f", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1c3109e-de61-5b14-ad96-17d9f1bb5e69", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92e49bb5-06a5-5b31-ae89-41b5e7173666", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5561d447-41dd-5a69-aaf4-2b6afcd2d0ba", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-eval." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-eval@2.9.4-tuxcare.2" } ] }