{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6fd1ac01-52e5-5836-8a0f-532611323790", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3", "type": "library", "group": "org.apache.tika", "name": "tika-server", "version": "2.9.4-tuxcare.3", "purl": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:407294e3-5565-514e-9876-1e53d475ff85", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84e42ff2-c5b4-5189-a1db-c6aef1ce378b", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f17f4042-8d99-5f10-b060-694a83f1aa7b", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4264d8ee-7a20-55e5-be0c-c5d253e1358a", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b437707-e3a6-53c7-9b1e-12e6f9d0a30c", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a74d6b8f-4479-5509-841c-d0da59d0ec95", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:810a8613-fd51-50cf-9c45-45a6a1e51f8d", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a9e587a-e6f7-52dd-bf6a-a30ec84e0914", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c5fd02d-16db-5483-87bc-3628d7504592", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5eb54839-22fc-5308-a20b-cdd3c02c1a3d", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0174411-64c2-5318-bc05-e3ff95390f30", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89542d28-138e-5b83-bd03-ba00d1ef2606", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3457ab66-d939-5a76-89be-af1b77bdf573", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a91144c-7f39-5336-ab99-b16ddedbd652", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39ee6d09-bc30-5f6a-a69b-63ba170fb1e8", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c91aa0e-d89f-5110-a788-5b43c9c0afeb", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf3d5087-229e-51e6-b6bc-1cc2dcb8070b", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:028c1001-0c41-54ee-97a5-2189dc3afbf3", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54c8d652-3148-519e-9d7c-c52208052b7a", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:088c96aa-9e05-51ec-927d-a76e81694efa", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32dc9e87-f3d7-571d-b029-8354bbb3b433", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b3ae3cb-b72d-5987-9d29-abaaff658c1b", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d088f8d8-068e-5d89-a7e7-796391711827", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e272edab-44d1-5aa4-b639-6a33ebd5fb7f", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29c42bb5-6a7c-55f4-84a7-a85bdca7e028", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:440a7091-5bc9-5842-bf9e-3c8fc9d84f23", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4dc4fdf2-adbd-5a4e-ad74-eab938c7755f", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2905bffe-096b-505e-8f48-6214af79dd1e", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05966cd4-f325-5ea0-b36d-605a51501c7c", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:530781ae-74e4-51f5-b6c0-574ae49aecb6", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04f8560d-bf79-51d4-beef-a6b2768518a5", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f34a0dd-e005-581c-a0e4-4dd194da417c", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e769bd31-2f9d-579e-a9de-f83375f9b185", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1a98dec-4658-5cec-953a-66548a671599", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9c00e8c-b4f6-561d-8ed5-74d5f0255ee6", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c10c0e0-ca07-5f54-8499-01800963dd0a", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f200698-0887-5248-b01b-7521ff352c0e", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48652abf-978f-53f2-9a59-95b2eacef601", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53bea21e-b3df-5778-bce2-a720674f7b45", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24507f85-e480-5dc6-a845-a6ecae1c6982", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f61fefc1-d66b-5343-a01c-2a68f55cb1c3", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a875b0db-9f06-5b0e-a58b-4d7a87440980", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:86d6c233-8cc1-5952-a98d-69e9f88fc786", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8e8ba92-9a74-5471-a637-8c7088b757d0", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5af1db70-c4a0-56f7-9b1b-54952ac09ed0", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87e8ed6f-d67a-533b-8a19-01bb113b7179", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c53fee2f-2f26-570f-add7-3a93e444c959", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e47f9571-cc94-5459-9657-a21d16684464", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-server 2.9.4-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2feeefb-5edf-5c82-9f7f-b85a2f55981f", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dab9bd31-939e-59a2-8a8d-89b4f9f5a7e5", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:408c646b-4821-5950-adb6-88c20b8f9328", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6a442ef-afff-5030-be00-72a5556ca890", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-server." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-server@2.9.4-tuxcare.3" } ] }