Maven package
org.apache.poi/poi-scratchpad
pkg:maven/org.apache.poi/poi-scratchpad
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-26336 | — | >= 3.8-beta1, < 5.2.1 | 5.2.1 | Mar 4, 2022 | A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-scratchpad to parse TNEF files and the ap | ||
| CVE-2012-0213 | — | < 3.10-beta1 | 3.10-beta1 | Aug 7, 2012 | The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format |
- CVE-2022-26336Mar 4, 2022affected >= 3.8-beta1, < 5.2.1fixed 5.2.1
A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application uses poi-scratchpad to parse TNEF files and the ap
- CVE-2012-0213Aug 7, 2012affected < 3.10-beta1fixed 3.10-beta1
The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format