{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a2148c84-87d8-55c0-b779-eb22931fb632", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2", "type": "library", "group": "org.apache.tika", "name": "tika", "version": "2.9.4-tuxcare.2", "purl": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:63331353-3660-5ef7-b789-e1b23d81031a", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a12f2f3-a9fc-5b56-abfb-3e27d93732d7", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d80a78e-47fa-5304-b132-0e9d4c9ed1f6", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa4bfc05-6e25-56db-985d-10ed38b901d1", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4351ae0d-dd2b-5316-8c2e-898e7510bbd1", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b935483e-6752-56a9-bf67-68a2ecf7a617", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac7c2695-06eb-59ee-beab-7265aa48f12b", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2695c23a-7ce7-5e8d-88f8-086c33bf1362", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ca4e160-5015-5d06-acbd-3d7df93f9022", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6e2404f-7f20-5637-bc2c-cd37f097f013", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9c7a8e0-5b21-523c-92ca-47943786f326", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a59c990-3025-5b35-a5bd-dc5c99d58e17", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a49bcf2f-b6f6-548d-b38b-cbc85323b746", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e763d92-cad4-54f1-8291-e3f051f30034", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb890e7b-8a83-594c-ad67-b80756ac5043", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fc100a7-1070-5247-9dae-5c8fe22b8b02", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ea4a569-c6a8-5ee1-a67c-467f3fedfcb4", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:177d544c-0368-5b89-a3a9-32183c88ed7c", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b938cfd7-28ff-5896-9b74-6e220a2a4410", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:397a9a83-f04b-5f7f-8197-6207236785d0", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e9d29f9-ad1f-5872-981b-b59ebce62d25", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89902e6e-d3fa-52bf-ab65-3cde2b4a9e98", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25608110-f614-52a6-ae69-a8b79cc7eb01", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24aa3193-4ec5-58eb-9981-b78710dc3474", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecde427f-2ac7-5ce3-85fc-129b2389f1c5", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85de68bc-624c-52d5-9368-0fcc775f3447", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7617d0b0-39d6-5ff1-8e9c-47d32f0026cf", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b0b69dd-ff8b-5b4f-ba71-dbe97e5d64a7", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88e15bbf-5f87-5e5c-b037-9e5ea6454df2", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1df802d1-740c-5c55-9790-4868ae70a711", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e0b2508-caf8-54d1-ad44-ed2657e5f15c", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33e3302b-82ef-5714-9c61-4357d5858932", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b8cdc19-d161-5e16-a52a-8707948a3293", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3af115ae-7c34-5189-b9e4-98bc22834c5e", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:405aa308-968e-538d-99f1-0ed2cbf1633d", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f3e0054-5a1a-57ea-9951-3fa6067be90a", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf9c39db-5209-5e83-b0ac-e03220fe55e5", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ac9b48d-3f2a-5c7a-87df-bbd486d655b2", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de3aa15a-6429-582e-89e8-1d930a475796", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c2069f0-454e-5235-a1e3-da9f2c6efff2", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b47d615a-8b18-50bf-867b-f2de652e215f", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:352c84f4-ac98-5d4e-aa57-ae5ca264c7a1", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af2d6710-88e9-5aeb-8db1-382d32f52d65", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5df092c6-dd6f-53cf-8801-ef493a8283be", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f7c9c98-a675-5d2c-86d5-a36991d98f86", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3151db78-58e5-564f-9b28-22d38b067e1f", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7afaea7-15d5-54f1-b5ae-cbc4c96d8e87", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ce42fa0-1169-5cdc-951b-7512c0dacfea", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika 2.9.4-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bc86c7a-565c-58a6-86be-6f6b1bdfb722", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46e2dc79-06c7-5dd3-9c5e-f43179a76cb6", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d145bab5-78dc-5f96-81df-f3fad7f8e475", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f024d0e5-86ba-575a-acc4-fed42b2e5126", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.2 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.2" } ] }