| Release | Version |
|---|---|
| bullseye | 4.0.1-1 |
| bookworm | 4.0.1-4 |
| trixie | 4.0.1-6 |
| forky | 4.0.1-6 |
| sid | 4.0.1-6 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2025-31672 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Improper Input Validation vulnerability in Apache POI. The issue affec ... |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2019-12415 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to conv ... |
| CVE-2016-5000 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | The XLSX2CSV example in Apache POI before 3.14 allows remote attackers ... |
| Bug | Description |
|---|---|
| CVE-2017-12626 | Apache POI in versions prior to release 3.17 are vulnerable to Denial ... |
| CVE-2017-5644 | Apache POI in versions prior to release 3.15 allows remote attackers t ... |
| CVE-2014-9527 | HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cau ... |
| CVE-2014-3574 | Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote at ... |
| CVE-2014-3529 | The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers ... |