{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c5291960-3105-5048-aa77-9eb969b86948", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2", "type": "library", "group": "org.apache.tika", "name": "tika-java7", "version": "2.9.4-tuxcare.2", "purl": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a2748986-8d62-5474-ba79-f8e7da6758af", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:353fa7a0-61a4-541c-bc1a-203f7654364f", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3e20eb0-02f0-5146-813b-0d57867c03ab", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fbd4744-9be2-5ad0-a4cb-f7dbf0ba8640", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59243c22-0d02-5ad9-9486-4abd6adc5ae4", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:682fc6bd-c002-5b0e-a0a0-5385ebc5a16b", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:313b9993-c8c2-518f-a9b1-d6826a3fb775", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4044934e-628a-52d7-8159-2f8a78b0033d", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2137f5c9-dc6c-5dac-8e5e-62008b832b82", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c6273ea-1392-5575-b2c7-65b0f8243c53", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:400c7440-0f9f-59be-a22d-8ddd1e43f9e3", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47ee3f94-b33c-5946-85de-13d869d56bdb", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0a5bd0b-59f2-5bc6-9bf1-e053570bda56", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0f6fc8f-8e84-59d1-a6fe-4fd951ba0a42", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ab91838-175a-53f3-a956-e449b0cec46a", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a08036c2-00a1-5576-a00b-25402748cf5d", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a793780-6c8f-5b68-94f8-a0e982cb6adb", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5db864e8-1e47-56bd-838d-07bb7452878b", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:256ae34b-21cd-5d7e-8cfd-78f8b6936293", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a14b4758-0630-501b-85c3-bfb97eb322cc", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0f7e9c8-9167-5cb5-91f3-e3d05310351f", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:547da9c5-9cd9-524f-b7bf-79f84de18a31", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19cd8eb9-9a15-58ce-881e-f00ef650ad2d", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a88d2bb7-78af-5bd1-856a-99c155cb1637", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b9eb1f5-24cd-5e5e-93dd-1cf28ea29543", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6a0ec7d-6b80-5ebe-96c9-87d0fb63595b", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25590161-5044-54a8-adf7-cb47bc0bc7bc", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:893b1e66-31bc-5f3d-87b3-f2ac33c5f204", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:943501a3-3179-5156-9eb6-273eac04f422", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0eb3205d-2885-59eb-afc4-17c82bb834f4", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d85db0f-2cdd-5100-b054-84d9768903b7", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32828a69-616e-535d-9b11-47d311404784", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2179311-fbea-5760-bc4f-3794faa2e506", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0b4a449-ce6d-5d02-aec5-3b2ce4d03ee5", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ed760c2-9065-5f7b-ae12-0d462d8e4c6d", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf0d93b1-c695-5b2b-8894-4a37f2744276", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5028761a-df34-502c-b6bd-9c0697b892a0", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:259d1fc7-4fac-5b5c-bf32-54627e1a323d", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28ff80d8-55e0-59bd-a458-642122ed050a", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e0a677f-48ef-5a58-9ac9-86da23a576ee", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c2072a9-6905-509b-979c-543672da3ad3", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c932d0c-2fd3-5f8b-8614-8d0c486e7bb4", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16d14bbd-481c-5305-97c5-df0f9a8c1e19", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91f8c699-a3c4-5fff-ac47-b14db3b7a49f", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96bf4994-bfd0-5b59-93b7-219017e254fb", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b27625d0-5053-580d-afcb-1816d007c61c", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffe0a58c-9842-5181-9868-bd6c8b5fb709", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff87268a-8048-5f53-8705-d8ce22602801", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-java7 2.9.4-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e83188b-349e-5936-a112-bf145c932f01", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63da80ba-b4d3-5581-bed4-2db549c01ddb", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e64307c-5d0b-5961-9f7a-7029811c741d", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:677a7c33-cdd0-5b24-ac39-c117336e72e8", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.2" } ] }