{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9f66a7d4-6c6d-5a8a-8a01-e489ae458ab5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2", "type": "library", "group": "org.apache.tika", "name": "tika-xmp", "version": "2.9.4-tuxcare.2", "purl": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2e2e101d-7d70-5140-8dec-9ef7e9e5975f", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e0681d1-65ba-515c-9f10-851d41e47903", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0999e503-bab4-55f2-81d1-79ab6955be84", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d95c6969-6381-51d7-99b2-bf85e7996857", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbc26034-a79f-55d3-b23a-730cc27b44ac", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77f24968-3d4d-52bc-acc1-42367a55ccd4", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:451e0cc8-c118-5eda-a1a0-c1b7ec62cade", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8fbb4f1-86e9-5ede-9343-e992909909bd", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9a94aff-5594-5128-ad77-c8dbb3284248", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86b18e09-13b4-5c94-be06-2410bbfac52d", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba2476c1-cb7a-51a1-9fa8-ed0d9cec8f5f", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8183002c-9a13-5cc2-9c98-3223cda95084", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56c85a37-4010-573c-8554-04b6e570855f", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62b135da-cd3f-55f9-937d-00276bdc98b3", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbaf418c-f8a2-5d64-8e41-dadd74c2b27b", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd3dca78-8365-598b-852c-cd72ad4cfc8c", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f003810d-b46b-560a-acf8-bb64524aa457", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aee1f3df-3b1b-59be-a2ab-f93631e6ab60", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e70eb50b-9d51-5f2b-ae9c-31819682574b", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a5532e8-14e9-5ef5-9c6b-c5870905bc41", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1eb1bc79-94de-5941-bf0c-8cfc9baa97e6", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fec52166-21bd-5dfa-b6e6-deda827723cc", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ca9c503-9e65-5f7f-83f2-2d9857fc9c2b", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d395492e-c4c4-52c3-9855-90d34f822670", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57ed0a7b-8f5d-50c1-8bd2-3b3ab87123f7", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7fa0e80-1c1f-5004-b071-8c3813ccbf0f", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd4d4c71-0902-5206-990f-a64ace62cea1", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4af1eea9-9916-59c4-a5b1-36c9687828e1", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de21cfeb-dd9a-5a7e-a90f-afced312d40b", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e54c7bd-1c83-53ed-adb2-91af7a8cfd32", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec525f17-6ee8-54a4-b696-84309defbd8d", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26e33ffb-2502-5465-95e8-8f739d1b1f4c", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e49e9556-aede-522e-9d15-bc51f6f8b7d1", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea2bcaa8-afdb-54d5-9da1-81a1f9884fa6", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fc70003-9a73-5fd7-b4e8-e88411b0eef2", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10d428a4-10cf-5c69-bd58-68f88d9bdd38", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a69c7d0c-41d3-5868-a6fb-b863fb548973", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4dffcfeb-93f2-57d8-8908-b7671421aef6", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf42c863-6ba9-53d5-8b08-972092830270", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7b38dad-07ec-5b2b-97b7-7f0aa8ea0a92", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a24c447-3c87-5354-bfd6-ad5679e79990", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a9306a5-c240-5c39-869c-73a7a6513ca4", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dede3e7f-8214-5ba5-b6ed-dd900dbc3b33", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7130cd06-191f-5c52-82a7-c88fc53c44c6", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:570e34e3-f0ac-53d9-8627-6caadd4c3d42", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd701dce-b598-5e70-9753-e7bbe4018063", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:423940b2-a0e3-54d2-b39d-3f1b23bbb010", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7418ca11-4d6f-5718-9bd4-19eabfa56ccd", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-xmp 2.9.4-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfb27d75-60c8-51ed-88cd-9ac34ca17ba3", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d7e1783-4ba5-5701-b931-489b7f964757", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1b695d7-a11b-5dff-ad8c-68a00087c13e", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:965e8f04-74bf-5dd9-80e1-5fcf7b700173", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.2" } ] }