{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f310474e-077f-59c4-8be0-bbefc652554c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3", "type": "library", "group": "org.apache.tika", "name": "tika-java7", "version": "2.9.4-tuxcare.3", "purl": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5268167a-77bd-5353-9800-4dcb2d6cae2c", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bee5af24-5bc8-5e08-a96a-8a49b7ef7998", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:128c7a59-0f89-5e52-8f96-e6694fa75fa0", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:307e39df-ffc6-5e4f-b450-ae1e0b9added", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6a89ebd-339d-548e-8d44-8e984d92ba2e", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78c234ae-87b5-5629-b55b-e7c5dd883fad", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0118f11-6f9c-5a2a-808d-b6ffd1c99697", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adec540c-c40a-53b9-bf6c-8f4aec142b2b", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db356391-746d-5271-acfa-120a80ca0326", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7579ae36-abfa-5a83-baf9-977c3930be68", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e46fae2-cc03-52b0-a5fb-a63f5db58011", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d57d99f8-8546-5fb1-a87a-0697f14d32d6", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1e5775f-3be7-52e7-bc1c-16796620f6df", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53ab4ad9-d907-5e1d-9f94-ef1973b888cf", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8fc1cff-256d-5b73-b665-d37acb9ac6e5", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df1806b7-2fc3-54e2-b597-5cf45c64d412", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25861cab-02f0-5637-99af-48c4356dcccc", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e421ff0e-56bb-5488-8aa4-2c57349f8b57", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3957df9d-3d5e-5092-b4ca-12e0e1928de0", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4f02f6b-c2c7-53b7-bc2a-1718e178eb64", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c5e9c49-fb08-55b5-a389-8492643cb9f0", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ce6bcd8-dc1e-56b7-ab37-46d30d99adb1", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0fd2622d-40e9-5d35-b2c7-3fe49aea8908", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09cf4555-246a-5c74-b83a-0f88acc4b91c", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6066137-a303-58df-9238-a9ee4921eec7", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d663b3ea-16e6-50ee-af25-b88952767891", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:125ad086-85ac-501f-91cd-68789a60d623", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0e502a97-53e9-5144-8154-20258e24a245", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9347762f-c0d6-5b70-9c47-3bebf35d33c7", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73b57a17-2df4-5afc-a69f-dbe61b0af6e7", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3b93b17-3dff-5817-8045-f0f1fccc1823", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80e546ec-b530-590e-abd4-c6aa0265093b", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7cd435f-58bd-50a6-aba9-8f4b62819df5", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8bceccc1-c0a7-5148-82f2-8a724a1c8eb2", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5138796-e848-5f9d-9b3f-d9acef645379", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a10b43cf-bf91-5d36-977a-2700eec2e37c", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35f7bebf-8fe6-5782-91d7-1fc0d40f6540", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:192ee9b5-b02d-5601-a42a-4b41f1310d35", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2773302-4abf-5320-95ab-f8ad5d8c6fc2", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66b1abc7-1192-50c2-b00c-428d62a80142", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1f68890-9496-5b77-ad8d-1721a27e39d9", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8eae46cb-89d0-52a1-83e6-e64d5a9da0d7", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d41eed8c-ea75-573c-afc1-66a767acb61d", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c26027cd-b0ad-58bf-9651-0327b0530b12", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72255df4-7539-50b6-9100-584676be939d", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:82a8c9d9-290c-5994-85b6-1dfe23b21cc1", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:657acae6-f823-5e99-bb64-b051aed6ab72", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:409654a7-0b7e-5ca2-a199-c6ed3cfca479", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-java7 2.9.4-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4c96fa6-5b48-5c80-8c59-998156817fd7", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a3e5ee1-b494-56de-bd36-ab8e3066517c", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6e44455-c8aa-58be-af4a-953ac629a3bc", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34a5c594-d08f-5ab3-8bfd-92e9455c8cdd", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-java7." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-java7@2.9.4-tuxcare.3" } ] }