{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ec429813-2af6-5ae6-b954-0a399e10ea17", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3", "type": "library", "group": "org.apache.tika", "name": "tika", "version": "2.9.4-tuxcare.3", "purl": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1b65be50-c0f7-54e3-9fcb-df25c6d990b8", "id": "CVE-2012-6612", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2012-6612 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e49c27b8-1712-58b0-b56d-90c399f01c14", "id": "CVE-2013-6397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6397 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02a59d87-0734-5ef6-a4ee-a67d0c167721", "id": "CVE-2013-6407", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6407 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e238a4b-1a10-5f0d-97ae-1700ab98a40f", "id": "CVE-2013-6408", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6408 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a16951c1-d8f8-545e-ad92-37db7d3b891f", "id": "CVE-2015-3414", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3414 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d75d366-0ee2-5b36-b132-1b08217db5d4", "id": "CVE-2015-3415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3415 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75fafe81-7019-583e-94bc-d9654b5b80d3", "id": "CVE-2015-3416", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3416 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f06270a0-e5db-5331-a38c-a707447f9a93", "id": "CVE-2015-3717", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-3717 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01c174b0-d012-5c67-90a7-938f1389a343", "id": "CVE-2015-5895", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-5895 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30ff2397-18ab-50b2-a152-5db46c438542", "id": "CVE-2015-6607", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-6607 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7aeb6577-b32a-57fb-830f-83e876c9a9da", "id": "CVE-2015-8795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8795 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4550fbfe-ec7b-5403-b541-3222701bd99b", "id": "CVE-2015-8796", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8796 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ddab5ae-65c0-5c82-b217-8720c13d8f3e", "id": "CVE-2015-8797", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8797 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e0f59123-d860-5253-b67a-51b6799353b8", "id": "CVE-2016-6153", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6153 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e644a506-c4e9-590e-9d5c-7747aec3a970", "id": "CVE-2017-10989", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-10989 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a3fee77-f51b-5202-ab67-83fb3ef90138", "id": "CVE-2017-3163", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3163 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:551b8c2d-b870-58da-b146-72e4e88e1de7", "id": "CVE-2017-3164", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-3164 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:646044dd-430e-5d19-83ec-e833d1512c39", "id": "CVE-2018-11802", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11802 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef704038-ce1b-594c-8bd2-61ae95c202a9", "id": "CVE-2018-1308", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-1308 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f2b2cb0-8193-5397-873b-bfdab6b49a37", "id": "CVE-2018-20346", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20346 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b8eeb9c-9421-5ed2-9b3b-00b7528fc237", "id": "CVE-2018-20505", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20505 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb6c1c9f-b438-5cfc-9b80-e1e94b69d933", "id": "CVE-2018-20506", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-20506 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53dcfab7-3ce1-53b5-ba64-2965f6dfdfd7", "id": "CVE-2018-8740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-8740 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0def493c-812b-56b1-aa61-173f0f114267", "id": "CVE-2019-0193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0193 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f7ecc5a-9c79-56e0-86ab-9027b3a29188", "id": "CVE-2019-19645", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19645 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38841ef7-6c21-527f-96f9-38dd07d8a651", "id": "CVE-2019-19646", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-19646 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d61d5ba-4cf0-5c2d-84af-09c30d0d0e88", "id": "CVE-2020-11655", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11655 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c13e04e-62c4-54bd-87f0-ca096c423409", "id": "CVE-2020-11656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11656 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fa1a7d7f-9c7a-5ef4-b422-71db649a93ad", "id": "CVE-2020-13434", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13434 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce772956-519e-53dc-97f0-90a50b50edb2", "id": "CVE-2020-13435", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13435 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5346c5f-76a2-5a9b-a43a-96be93bd0e7d", "id": "CVE-2020-13630", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13630 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a37dcf61-c48a-51a9-b40b-eee3863a0d84", "id": "CVE-2020-13631", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13631 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f2bfdf8-4f9b-57fd-b158-cdaa052640fe", "id": "CVE-2020-13632", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13632 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3579da9e-6660-59d9-abb6-68858bc70528", "id": "CVE-2020-13941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13941 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c523c17c-6e38-5e8b-a266-e914947bd846", "id": "CVE-2020-13956", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-13956 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9e729cb-c201-5241-9741-a670a82345cb", "id": "CVE-2020-15358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-15358 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:060020ff-a1c3-5884-83b7-3546839cf918", "id": "CVE-2021-27905", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-27905 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f3c9b43-e078-51a6-a12a-9b0bac71fd56", "id": "CVE-2021-29262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29262 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bbbd102c-1832-53b5-b553-b9e5013a5f46", "id": "CVE-2021-29943", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-29943 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56943912-0f70-5902-8179-75dd3de00a2f", "id": "CVE-2021-44548", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-44548 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:030ca44c-ebbd-5623-b404-97b432c2f25d", "id": "CVE-2022-35737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-35737 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:475c7ad9-12be-5934-8298-a55b6d6b343d", "id": "CVE-2023-34610", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34610 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b683096-8741-5794-93f1-4250c0628731", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f8dfcde-3f45-51b5-ad0b-47acf5c089f4", "id": "CVE-2023-7104", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-7104 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:207ca279-b88d-5eef-90ab-724817199c35", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd60a784-f291-55c2-ad05-fd41cf8b9800", "id": "CVE-2024-56128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-56128 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:101b35a9-d25f-5e0d-8bd6-b283dfd9e208", "id": "CVE-2025-24814", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24814 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00680d93-e382-5286-ad51-216693f65c0d", "id": "CVE-2025-27818", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-27818 is a false positive for org.apache.tika:tika 2.9.4-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e803b652-a0fd-54e3-8930-bb0c55ba78a3", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c58ade47-9178-5376-b6af-02b6d20d40ac", "id": "CVE-2025-54988", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-54988 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:03de87c1-9bde-5601-8aaa-cb86c4b788a1", "id": "CVE-2025-66516", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-66516 is fixed in version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0bb5288-c0de-592e-b0d0-b993ffd5cc67", "id": "CVE-2025-6965", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-6965 affects version 2.9.4-tuxcare.3 of org.apache.tika:tika." }, "affects": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.tika/tika@2.9.4-tuxcare.3" } ] }