{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1fcc099f-4163-5165-a3aa-ef0635e09d34", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3", "type": "library", "group": "org.apache.tika", "name": "tika-fuzzing", "version": "2.9.4-tuxcare.3", "purl": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fddc4d52-d2aa-5a73-98a8-bc673229365e", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c52f4a2f-5398-5b6b-ab7f-8f88fae33d94", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f7edebc-ece2-528e-aa98-b59d737636dc", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74ed1995-0e13-5feb-a3f6-f8c085b8abe7", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6adf904c-004a-50a6-b2da-812b229bd0c9", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11d39b89-393e-58c9-a6c1-5d3b6ff2eb2e", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:21df72f9-510b-5a8c-af8a-e36e43c622fe", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93888768-c66f-587c-88e6-7725aac482cd", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34f031b6-a4fe-5899-8959-76361f2edbb5", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11876a11-6897-515f-addb-ded44f22defe", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6001a37-8041-549a-a53c-b82acff14f2c", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9435562-2142-5dfa-a3bd-d55d166309ef", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e720ae64-a428-58e4-8d10-5d3b0e8f36a3", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f59006d1-a1bd-5082-a5b5-2d822cd4b866", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2660f96d-630d-5067-98d7-fc3b9b149c1f", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf950ca0-60c2-5f90-ae58-6a89f7371b76", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44a584a8-fdda-51ea-adc2-866ff2ea9e38", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d568aec4-9da4-5153-98dc-4d9e7d0b93ab", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a310850-7cd3-5181-9df5-972db52b04f4", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:453754fb-f76b-5fb3-b21a-fdf02b11737f", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3527008e-baa0-59a1-8a49-0de3f73695a7", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f19bddcd-e34f-5891-979e-d4a95a2847f9", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f87ed22-fb43-5003-9fc8-705d8f9188ef", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ac72de1-b004-5671-ae62-d85cad0ff9df", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f84ff72c-f07e-5c76-b73a-e5bc42a6b699", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8596733-fe25-5602-97b5-da6323040c4c", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a32d696f-5ba9-578e-a58f-08b1bc343bbf", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88d6f806-1393-5eaa-96f7-a18547dbbb5b", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e62612a7-b6f3-5c8e-88f3-628f49ef6a24", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:572aa021-7d09-53c6-9512-bfb6d1ce3d5a", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9614d290-a8e4-542c-b83b-409786ef9822", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:875a9d18-3cb7-58a2-b2be-6e4efb73198d", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4675bae-2cd1-56bf-ab75-44ad85c5cdc7", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:474721c7-c4df-5d21-ac62-23fd176179db", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a99cb30-e325-5a1c-bece-04a4c083de0a", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:927a7365-b333-5651-bc21-331097144fb5", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b5ef56f-ebcf-5e5e-b4d7-8e8c34f13c5d", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5548b947-fdee-5a22-a1d7-c89122aa085a", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af6b948b-7020-51e6-a45d-be4751ae3149", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac4cc5ec-5bf1-5524-87ef-a11b0e14b4ac", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:605e5ab4-6962-50d7-a618-24f5d1461ac1", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:41452a1e-7d20-58be-af94-712093f09346", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eaabc07e-92e9-5558-b8d6-85c40b81bf0f", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88b2d6b5-0ef7-5d03-9d19-44866a9beb32", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:663e9eeb-60cb-5d8f-b474-53fe0e9fee9d", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3b6b080-1441-5a8a-9daa-cf530ea0a7a3", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d18479f7-eaaa-510c-9d95-a181e157dfaa", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c75537a-b71e-5a54-ac96-504885b70e9a", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-fuzzing 2.9.4-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:914c957f-c5b6-5f66-8bd0-55a705a329c6", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6abb1278-86be-5c5e-8b6a-d18d03477bd3", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51c49f58-6959-5ee8-bb77-16b3624d5dd6", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1bdad44c-55d2-50aa-9bcd-7d3739c55d61", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-fuzzing." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-fuzzing@2.9.4-tuxcare.3" } ] }