5 matches found
ai.chat2db.excel:easyexcel-plus (=0.0.1), ai.chat2db.excel:easyexcel-plus-core (=0.0.1) +3470 more potentially affected by CVE-2025-31672 via org.apache.poi:poi-ooxml (>=5.0.0 <=5.3.0)
org.apache.poi:poi-ooxml MAVEN version =5.0.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.0.0, =0.5.1, =1.1.0 and more Source cves: CVE-2025-31672 Source advisory: SNYK:JAVA-ORGAPACHEPOI-9685010...
ai.chat2db.excel:easyexcel-plus (=0.0.1), ai.chat2db.excel:easyexcel-plus-core (=0.0.1) +7055 more potentially affected by CVE-2025-31672 via org.apache.poi:poi-ooxml (>=3.5-FINAL <=5.3.0)
org.apache.poi:poi-ooxml MAVEN version =3.5-FINAL, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.0.0, =0.5.1, =1.1.0 and more Source cves: CVE-2025-31672 Source advisory: OSV:GHSA-GMG8-593G-7MV3...
GHSA-GMG8-593G-7MV3 Apache POI OOXML Vulnerable to Improper Input Validation in OOXML File Parsing
Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...
Apache POI OOXML Vulnerable to Improper Input Validation in OOXML File Parsing
Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...
CVE-2025-31672
CVE-2025-31672 is an Improper Input Validation issue in Apache POI’s OOXML parsing. The root cause is acceptance of duplicate zip entry names (including paths) within OOXML files (xlsx/docx/pptx), which can cause reads of different data depending on which duplicate entry is chosen. Affects poi-oo...