{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a14dafe7-9655-58e2-a61f-7c980b59276a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2", "type": "library", "group": "org.apache.tika", "name": "tika-serialization", "version": "2.9.4-tuxcare.2", "purl": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bc638d6d-b41c-5299-9da3-a3906fb8a2e3", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d895076-b727-536e-810e-8c7fe7981dfb", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a0d130d-a96d-56f0-9474-6260aa7a482e", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57973990-b9f9-552b-9d77-898736db4669", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:857b546d-eb29-52dc-90df-8908d8f253c3", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db25718c-1271-51ca-873f-bd7e10f1029f", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f107e3de-7de9-5c19-bfab-e822513f61c7", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07dd93f9-e165-5d06-958c-a8cea175ace5", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43de4e0a-2c63-5881-b3fc-e726c9947dfe", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20dcfa1d-8bbb-59ec-8302-6a704a48b408", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28c8d823-d925-516e-88f5-aa3ce41f8968", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53a19ed1-b520-55bc-aa8d-8fbb033266ad", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:850ec825-1db1-5778-956d-b1abf7f7ac80", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0d31fe5-25f9-5f3c-a7f4-4a79fb75173e", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b74b2b3-21de-5baa-b16e-4b771e514810", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58e678b9-b169-5da5-af06-1c0f39a7f9a7", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e54efc16-f9ab-5a50-83f3-3e385e039ca3", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e66ea677-f5d8-5581-9408-165988194df0", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce5eb9b7-34c6-5a15-a4b1-277bdc4a66b8", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b6c95bf-49b2-56a8-9ca4-6a293e353ba0", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15559d10-e1ef-5af2-ae8b-a3f038449618", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55bf0db9-46ad-53b1-8007-e20a7d163825", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c07f299-4db6-50ce-86ea-1dd24b3209ad", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:397c133d-43f4-5790-b22c-1e5f73eb4758", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4720a6d-4e9f-58da-bb44-118a4f57cf30", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45224d20-03f6-56dd-be0b-f2126c989a8e", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90c6c3ed-83e5-54cf-99f7-73e083d736e1", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9832912f-4345-567f-9e0b-1b9f1e088721", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10f79a78-ba15-54f2-94fe-f502b4e688b1", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b47599af-39d3-56c9-85af-cd6ceb7b4378", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8884a87-5200-5e7c-b6c3-f0e740abf6ff", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:134e46ac-7aab-5290-82eb-154394261f7f", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40037fc1-8a30-540d-8995-f7f67d2454c4", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28d3575f-bc40-50ba-bd59-457a97772366", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:203e08ad-f5dc-5f39-b423-308b1636db7a", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85612d01-94ae-532f-b198-df2ea62769d3", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f65ff2c4-73b4-5949-a70e-28ab536b1d74", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a699b242-6f9b-5fcd-a1f2-3114af4d70fb", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:979be5e2-1031-554e-acfe-6540f45f1935", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:760b3bc8-b8d3-5666-9774-8848aee38ebf", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:968a7e70-3900-52ec-bdf0-7a2554bb38a8", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:caebdc24-f1f2-546b-9f3f-7b56fe7cc08d", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87a5d5b8-3fd5-59cf-8701-1f85b09fece3", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4815addf-38b3-5d0d-a4f2-d326a3ebb1f1", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee3210a4-6d72-5857-a5f9-976ff63f1d28", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8547935f-4eaf-5ebe-960e-5ddc6c6f50da", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98a981ef-d3c6-51c2-84a0-83cc45ebaf85", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2b6dfae-bfcf-5bbb-a907-5360678c07ba", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-serialization 2.9.4-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c473307-d76d-530d-a1c5-388b7d077d41", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1320ab4-d323-56ea-8abc-6fefa66b4daf", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94f62e4f-a781-590e-b230-ba2767655930", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96656265-f4cf-5384-8dcc-122e9c459e85", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.2" } ] }