{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fe9d72a4-58e7-51a3-a07d-630230de5ce7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1", "type": "library", "group": "org.apache.poi", "name": "poi-ooxml-schemas", "version": "3.10-FINAL-tuxcare.1", "purl": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:465d24d6-79af-5791-8ca4-c8520f4526df", "id": "CVE-2014-3529", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3529 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8d14ecf-7e3b-507d-ba4f-4bf22f01c8e7", "id": "CVE-2014-3574", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3574 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34c5e12c-2bd3-5dbf-a4d6-8757d2cec222", "id": "CVE-2014-9527", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-9527 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c31d03a-2c1d-55b8-9f8c-dd647c3ce51b", "id": "CVE-2016-5000", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5000 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a39fda54-794f-591b-bbb0-ca51843d6154", "id": "CVE-2017-12626", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12626 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8c7aea8-dbf9-5ed9-bcab-86a58b677844", "id": "CVE-2017-5644", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5644 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f78dc7a-f9c1-5095-a795-ec53e8cf2101", "id": "CVE-2019-12415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12415 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b573027e-d574-580f-b398-eb97d0901c31", "id": "CVE-2022-26336", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-26336 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:401baba4-1980-56a7-8558-de6ae6e0aed7", "id": "CVE-2025-31672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31672 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.1" } ] }