{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b535f439-7ad0-57d4-940c-2e106e6729e1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2", "type": "library", "group": "org.apache.poi", "name": "poi-scratchpad", "version": "3.10-FINAL-tuxcare.2", "purl": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6a12e141-cbb8-5eef-9e7f-4b615e943fc2", "id": "CVE-2014-3529", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3529 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14376858-bb7a-5364-b8c0-adf26a728946", "id": "CVE-2014-3574", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-3574 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bcc047f-5e82-58af-8b35-394898709ac5", "id": "CVE-2014-9527", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2014-9527 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0dd6cb5-98de-53c0-8e95-9d68cee0bc2c", "id": "CVE-2016-5000", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-5000 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9afebff7-17d8-585b-992b-f092fd9bcd3e", "id": "CVE-2017-12626", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-12626 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a8ef4d7-3fa9-5b51-98b1-cdc6660dbdb7", "id": "CVE-2017-5644", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-5644 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:963cc128-4003-5810-a794-a9cb382a113b", "id": "CVE-2019-12415", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-12415 affects version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01c10103-9e16-5a2f-9893-b2a23a287820", "id": "CVE-2022-26336", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-26336 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6c2469d-5584-5143-a1da-477b16d16c00", "id": "CVE-2025-31672", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-31672 is fixed in version 3.10-FINAL-tuxcare.2 of org.apache.poi:poi-scratchpad." }, "affects": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.poi/poi-scratchpad@3.10-FINAL-tuxcare.2" } ] }