{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bedd115c-dc29-5474-b454-e9b3b95959dc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1", "type": "library", "group": "org.apache.poi", "name": "poi-excelant", "version": "3.10-FINAL-tuxcare.1", "purl": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c99bffbe-89da-5f33-8bed-dfb655048f63", "id": "CVE-2014-3529", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3529 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b393eed9-a670-5a6f-870e-285ee535e761", "id": "CVE-2014-3574", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3574 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:649e799e-f190-5eae-b17a-b067e988e126", "id": "CVE-2014-9527", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-9527 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e216992-e837-5333-953c-79eb2b731ffa", "id": "CVE-2016-5000", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5000 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:212796b4-bd83-5002-84f2-050718b1b720", "id": "CVE-2017-12626", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12626 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07eaa83a-86e3-5473-868a-c04c1e9a5cdc", "id": "CVE-2017-5644", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5644 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd354e23-d62f-55b2-80d4-37270f295ee1", "id": "CVE-2019-12415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12415 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc2f2aed-3a4c-5a98-8fe8-f9b0b87315e7", "id": "CVE-2022-26336", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-26336 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d32e0bd5-dead-578a-84a2-94a4ef7c497d", "id": "CVE-2025-31672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31672 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.1" } ] }