{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c1d78e05-bae9-502d-956e-bc85d7ce0070", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3", "type": "library", "group": "org.apache.tika", "name": "tika-serialization", "version": "2.9.4-tuxcare.3", "purl": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dde94507-6381-55f9-87d4-9ed1818966f3", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc4a2a2e-dfed-50b2-bdda-3ab47a3456c3", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1058674e-879b-5bea-9143-09afd73c0a9e", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b31f583-33f5-55b1-b4c1-c83a3185ba02", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9878a1b9-216b-5a01-9df0-8a5ed765b3ce", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d6e6af4-fbda-572d-bf42-31dc384657d0", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adebd09a-d4ac-5f31-a4c0-6fe1efa9c34c", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:178c475b-208f-5050-aa27-23ec0a2a04d5", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bcf6c589-e578-5a1f-8d11-169384e8ccdc", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63562cca-e0d9-5c2e-b530-71132c56e9ff", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78fab9c4-9ecb-5e77-8e6f-8f1ca9ab5aaf", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac003a09-0a8b-55b0-917c-ec4ff51ac66b", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1504d2b-77d1-58aa-b6c5-69ea9c7999fa", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58ebc820-899c-5918-940d-d24263af0442", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a1fea12-e180-50e0-8ff8-5ae3a4252d76", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7cb96c50-eb93-53ea-9768-7c7cf4c3311f", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:775a8045-95c8-5add-a704-6244d6d4cb36", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3bdbb08f-5459-5333-ac16-72d4bd2d0318", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:968be690-232d-5e77-9b3e-8c231bb56a05", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5aad766-1a6b-5f01-8e3e-58153ae75a99", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b68344d-b6fc-51cd-9290-45974bd2997d", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c1a3edd-4792-57d8-be33-66c46992c58f", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc4979a7-c692-539c-ac27-1d1042d45aef", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:690927be-57a8-55e1-8bb7-ddc3f4ec542e", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8a46f83-ac85-5d25-b833-5cacc3497f1f", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:561ab308-3ad7-5caa-87c4-ef57a13dd98d", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4382c57-5bd0-5457-b34e-2aa1a7283160", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56709e19-f520-570b-b3ce-40731b2d95e1", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b71bf3fd-3f0c-5067-b774-8780522208c6", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12911763-15ae-5447-9a2a-b7611f6572c5", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0d62287-f0e1-5558-bf41-9baf201b9ad6", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9e184fc-ceee-54f0-9be6-2ec9e362acd9", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b245928f-586f-569f-bfdf-b69e325e84f3", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22fbf299-938e-56dd-b835-deb521b8219c", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8baa22c2-998c-53ac-9ba2-50dfdb379aca", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90ee969c-af18-56da-a670-a8bec59175a3", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d52a7878-713b-522e-bb11-3d4da87b1a0a", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:65b2448d-2d72-5591-85d9-b247e6953636", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c0a96cc-63f3-5efb-8b03-2e085be2c66a", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17fc90d6-125d-59eb-80dc-06f7bb532088", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1646983f-c2a8-5aad-aa15-6bf9f61dc1ca", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9627c154-3036-58bf-a0de-147fdb0a5b87", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:753663e0-ebf6-57d2-8b66-18999110cefa", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:86e6125c-1b17-5209-8220-cd599ea19b64", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bddeaab3-8a02-57dc-8936-77380c066686", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d20e95c8-4ad5-5278-90a3-e7876ed506d4", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db3770b1-e909-5242-92d6-7af04161b50f", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e54cc8f-d265-5045-9f39-7e3f92e80a71", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-serialization 2.9.4-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a7ab8e2-929a-5264-a92e-8d2277004939", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8cc2886b-390d-5f83-9832-6b84fac0b299", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b3d0b3d-d058-5162-935c-d6fbc396909b", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f59270d-088f-52a7-906b-c4969c23a620", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-serialization." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-serialization@2.9.4-tuxcare.3" } ] }