org.apache.poi:poi-scratchpad
Maven2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.apache.poi:poi-scratchpadpage 1 of 1
- CVE-2012-0213NONECVSS 0.0✓ Fixed in 3.10-beta12012-08-07
vulnerable: 3.0.1-FINAL ... 3.9 (26 versions)
The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted le…
- CVE-2022-26336MEDIUMCVSS 5.5EG 5.5✓ Fixed in 5.2.12022-03-04
vulnerable: 3.10-FINAL ... 5.2.0 (37 versions)
A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-…
Check whether org.apache.poi:poi-scratchpad is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.apache.poi:poi-scratchpad CVEs against the assets you own.
Start Free Scan →