{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c505ab5e-a641-5d18-9ff8-d7ecd41f74bd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2", "type": "library", "group": "org.apache.poi", "name": "poi-excelant", "version": "3.10-FINAL-tuxcare.2", "purl": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e8e92b7b-bb8f-59e7-89d7-66b15f5353ae", "id": "CVE-2014-3529", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3529 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75071db1-b6d4-5043-a517-26a995678c91", "id": "CVE-2014-3574", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3574 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bccc5680-5800-568a-82c4-c42601974025", "id": "CVE-2014-9527", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-9527 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6869651-c99d-53d6-9cc5-06dcac20f63d", "id": "CVE-2016-5000", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5000 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6878ab82-4c48-591a-b6ea-3150191f1bcc", "id": "CVE-2017-12626", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12626 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ad5db71-73a7-59c9-8ef4-771d0e2f75d9", "id": "CVE-2017-5644", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5644 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b545235-8298-57ce-b124-09c64da6f57f", "id": "CVE-2019-12415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12415 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17e892e3-f5fa-5735-8cf7-b03059d74830", "id": "CVE-2022-26336", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-26336 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c1367ef-f50f-5d8d-98da-0b66ca386d6a", "id": "CVE-2025-31672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31672 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-excelant." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.poi/poi-excelant@3.10-FINAL-tuxcare.2" } ] }