{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d4904003-3f63-584e-a892-b693d606f6a3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1", "type": "library", "group": "org.apache.poi", "name": "poi-scratchpad", "version": "3.10-FINAL-tuxcare.1", "purl": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ce5b8d3a-c296-54f0-9257-4b051e303a42", "id": "CVE-2014-3529", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3529 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6081d583-a707-56b7-9a22-142ac8e54796", "id": "CVE-2014-3574", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3574 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4da955f7-5d9c-5b01-9f8f-b7be7ef48203", "id": "CVE-2014-9527", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-9527 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45409f62-5af2-5080-ba35-d98f0a2714b0", "id": "CVE-2016-5000", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5000 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9528319-65bc-56ca-bfea-0bff6e5bfc85", "id": "CVE-2017-12626", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12626 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ace9c7d-98c5-59d4-a310-59ed915a574f", "id": "CVE-2017-5644", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5644 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a629205-17f1-5c48-b671-b798d6fba53c", "id": "CVE-2019-12415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12415 affects version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ea3e657-2b22-5084-99f8-6d543c33b2b8", "id": "CVE-2022-26336", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-26336 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c9a592a-9c9d-5584-860e-561c58b05038", "id": "CVE-2025-31672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31672 is fixed in version 3.10-FINAL-tuxcare.1 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.1" } ] }