{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8844dff6-709b-54ca-a791-0686f9f169fa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2", "type": "library", "group": "org.apache.poi", "name": "poi-ooxml-schemas", "version": "3.10-FINAL-tuxcare.2", "purl": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cd98f2b4-971d-5636-8716-4edad110ffd6", "id": "CVE-2014-3574", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3574 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e330c13-4571-5eb6-9fab-acd94ad019e4", "id": "CVE-2014-9527", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-9527 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d04c1b01-59e8-537c-97ea-82a8243feb86", "id": "CVE-2016-5000", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5000 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f18b10f6-8f6a-5c06-9854-c8bc8c205302", "id": "CVE-2017-12626", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12626 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:998b7a35-892d-5200-9553-37bd3514c98c", "id": "CVE-2017-5644", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5644 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f3e5cf6-20f7-59bb-b0d4-401e4a2c6c6b", "id": "CVE-2019-12415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12415 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8968d61-8730-520f-95d3-3d5eec7ad09d", "id": "CVE-2022-26336", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-26336 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00e7b01b-0dca-5b6c-a670-ab5550c9fa21", "id": "CVE-2025-31672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31672 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-ooxml-schemas." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.poi/poi-ooxml-schemas@3.10-FINAL-tuxcare.2" } ] }