{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e843b644-50f6-52b8-9ff9-58f08e73c2be", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2", "type": "library", "group": "org.apache.tika", "name": "tika-server-core", "version": "2.9.4-tuxcare.2", "purl": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2d41b170-e3af-552b-b7b9-c738caf228c6", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36744fde-1c67-5d14-af64-53a4af0217a4", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e00968b-f7fd-5c17-ab20-a95285b22862", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b7bf087-3667-57e8-a2c6-55586947613c", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ebcd833-5833-593f-b455-0f8ede190225", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3153340d-1dd6-58e2-a561-7ebd5d924aa0", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39417807-3c53-5427-9442-aa708f9e251a", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c14d089f-125d-5dac-b426-97f5ae8b6e15", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bd59ff5-e642-5568-b0f9-78748f6d164c", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a70d0c8f-c7a6-53ee-9e17-4a33bc2087cd", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89081145-ec48-5bd1-9659-f8a69ac3e4c6", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ca1a3da-6ee2-58b5-a089-c61688d246cc", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a60144d8-09da-5985-b163-b0a0894a7de2", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:027b7622-37ef-5abc-9123-f2afa8f08322", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:337b8818-242e-52cb-9ba5-b0d214a9527c", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d581c40-2546-571a-9bfc-b72710c386cc", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a863076-db95-5258-afad-2becc77fd652", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f28344b6-ada0-588c-a2ad-c500367f24de", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:639815ed-284b-5872-958b-79d58f904939", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd48e6b5-d576-5f02-96ab-e6dd3e631753", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa851111-74de-552f-b3ac-e4c01c237446", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cf8a799-f568-55a2-beef-6cd6c74fd979", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:825e8460-f995-5391-bb0d-9837286a1aef", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35c23cf4-832d-5501-9013-505ceb8e4a2c", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0851de49-36fa-572e-8962-ec036e119a0d", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8555802-5c6c-5d19-8c10-af9715f68f68", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7ded62d-0946-523e-85d8-0b6b50efce75", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50fed05f-0e5c-5848-91e7-489141390bf6", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7e103d5-34cc-5331-8d11-bc413ee12fb5", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd2f0a8a-2742-57fb-a95e-b873a03b0ac1", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ee59b07-01ae-5973-b1fa-f7c3d35af25d", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11c91456-4315-5917-b06f-f16c9597aaa7", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58eb14f3-79e6-5076-ba58-7871a524fdf9", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15a208e2-bf3d-5cf4-9c0c-d84606461e01", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7ee994c-325a-5522-a8de-eaa022b8d7fa", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a11f39b-cc2a-5fc5-ab9f-de5454ff2ce4", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2509ce45-1c2a-5c65-b597-1a154c11cdd7", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18c978a4-aa13-5f7b-b117-f5fbaa8c629f", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35ce00a3-4cd0-5e16-88ec-e03e1c7fda55", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc1e739a-2103-5380-a376-fa2ff9f2941b", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd596823-c8e8-518a-9342-c23eb8c3e8ec", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a6fa649-32c3-58c5-95c0-ca7931b465b4", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:340dd939-8ac1-533e-92f9-e8936b1f3edd", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0abdc1e3-fab8-5a2d-a527-e3d5a402a40a", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:914bc5e2-a8b3-54b9-8b9f-1622070bec77", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a863381-be83-5d17-931d-e5767ab9d668", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ed39976-62b8-52e9-855f-c6c2965a6efc", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:103340b1-ce79-5937-9328-cd0632aabe85", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-server-core 2.9.4-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1df525e9-f770-54eb-a6a1-836814da6e58", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec2dc12c-834b-551a-b0da-c3693b4caa84", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a253a79d-7de4-5c88-9509-b8e61e225bc1", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85854fb8-4023-5f9c-bc49-92c98307f7c6", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-server-core." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-server-core@2.9.4-tuxcare.2" } ] }