{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b8a4ce65-ab17-5983-80e6-365956f8af2e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3", "type": "library", "group": "org.apache.tika", "name": "tika-xmp", "version": "2.9.4-tuxcare.3", "purl": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4cb965f7-384e-5a61-aa6d-f8fd58683dbf", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60dd0042-c310-543b-8a08-b9ad6cbb7893", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1312b91-7fcc-529d-85f6-cba60d929f6e", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:775c30df-7d0e-599a-911d-d2f3d800b430", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51738c23-12cb-58df-99d8-5a0efac58933", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d687893-df89-57b1-bc9f-16677ebb3c62", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a478841-b0a1-5425-a8b5-e63909daa5c4", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:59e0bce6-df15-57d7-99b0-3a6f4a60b9cc", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d67d86b8-dd82-5bb6-9ec3-ae1588f1cbc3", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7f075a8-7054-56f4-bca3-593d88b05f1b", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2fa89764-3160-5d9f-8f04-caf838cedbc2", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a547201-1fcb-501f-a1b1-53c5e222d8d3", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a96a942-bbc8-5489-b1b5-07fcf7af0578", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29082914-fb4d-5f5f-b002-6495bbac5dfb", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f540b5d8-5196-5a99-a01a-771f8174dda6", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:556668b4-5b9e-5029-9969-41e955893b6a", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b5e9f58-80e3-54d4-80ba-3e1840f91e7a", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ba4087c-38f3-5505-bfc2-ce7670863c09", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a9c8007-5ffa-5477-ba3e-21a0c009430a", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29787fc4-2d59-52b0-b226-8d939c90d868", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e24b279c-f92d-54dd-9358-66c883da7d30", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:521b5cea-c4cf-51e3-96a9-f25fa5e6f0db", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f4ad9d4-a584-59ab-8d4d-5f7320619dd9", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ccd51861-b7b8-5322-be61-6f535400319b", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:027578f5-d8ec-598e-9b8c-7b379f741ff5", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d68b0d9c-de25-5776-9c0f-26b69541066a", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52414b7f-64a4-53f5-89f3-d629b01c48e6", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a15ac251-74ee-599b-9b1d-4a504a968b22", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10427566-01ab-57bc-8c01-43a5e81fa600", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9340856d-fd20-5a65-844a-18320271e2a9", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:defdaa63-bcc1-5528-9c4e-70cf97a73e85", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84370124-6a92-5914-a262-cb31a6733d66", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56db6d26-cd92-5cff-a89c-ab1ee07ad0a4", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63650433-f0b3-51a1-87cb-bab638229232", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57648c68-84a1-5ed5-b976-b666fc8b25fa", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:524bb0c6-1613-57ae-a722-131d35439ec5", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:660a7f33-17cf-516c-a448-8cf7fc12e3fd", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9cd9082-8bd2-5098-9576-a8192a0d25c7", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae830ed8-7f2c-549b-8500-e6a0b62ca4f0", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e15fc46-fa98-54fd-bb27-201ad655a90e", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:939ca627-9847-5a33-9633-aac183337614", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d91506e2-6064-5150-836e-4761c5c22a3f", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e3b9fac-4d10-5c05-8605-af52dd7efe9b", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff989c57-d326-517f-a99b-cfe26de55a21", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a5624d1-b634-5d73-b290-c66eb7808d8b", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f035b4eb-b906-5b72-ab29-87dbcdb3adbb", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28abb18d-1756-5046-81ad-fe61dfac4137", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:982c179a-1f6c-56a3-914c-19c533e26d42", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika-xmp 2.9.4-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8812747-6315-5fff-ba05-4dcdc2565d9f", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d4072bb7-2919-51f7-8545-3c5718d21931", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f596c39d-9051-5777-898b-067b9818ac0c", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fad8f03e-7776-5e87-b1e4-6a20f797073e", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika-xmp." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika-xmp@2.9.4-tuxcare.3" } ] }