Package Instance

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/217549?format=api",
    "purl": "pkg:maven/org.apache.tika/tika-server@1.16",
    "type": "maven",
    "namespace": "org.apache.tika",
    "name": "tika-server",
    "version": "1.16",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": "1.28.4",
    "latest_non_vulnerable_version": "2.4.1",
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54294?format=api",
            "vulnerability_id": "VCID-42ad-sh45-7fev",
            "summary": "Loop with Unreachable Exit Condition (Infinite Loop)\nA carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28657.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28657.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28657",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00221",
                            "scoring_system": "epss",
                            "scoring_elements": "0.44847",
                            "published_at": "2026-06-05T12:55:00Z"
                        },
                        {
                            "value": "0.00221",
                            "scoring_system": "epss",
                            "scoring_elements": "0.44778",
                            "published_at": "2026-06-04T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28657"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28657",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28657"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E"
                },
                {
                    "reference_url": "https://lists.apache.org/thread.html/r915add4aa52c60d1b5cf085039cfa73a98d7fae9673374dfd7744b5a%40%3Cdev.tika.apache.org%3E",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.apache.org/thread.html/r915add4aa52c60d1b5cf085039cfa73a98d7fae9673374dfd7744b5a%40%3Cdev.tika.apache.org%3E"
                },
                {
                    "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0004",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.netapp.com/advisory/ntap-20210507-0004"
                },
                {
                    "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
                },
                {
                    "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944881",
                    "reference_id": "1944881",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944881"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986805",
                    "reference_id": "986805",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986805"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28657",
                    "reference_id": "CVE-2021-28657",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28657"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-567x-m4wm-87v8",
                    "reference_id": "GHSA-567x-m4wm-87v8",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-567x-m4wm-87v8"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/80166?format=api",
                    "purl": "pkg:maven/org.apache.tika/tika-server@1.26",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-8qc9-3mxe-8ydp"
                        },
                        {
                            "vulnerability": "VCID-zj8z-ja31-mkcr"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-server@1.26"
                }
            ],
            "aliases": [
                "CVE-2021-28657",
                "GHSA-567x-m4wm-87v8"
            ],
            "risk_score": 3.1,
            "exploitability": "0.5",
            "weighted_severity": "6.2",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-42ad-sh45-7fev"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102853?format=api",
            "vulnerability_id": "VCID-8qc9-3mxe-8ydp",
            "summary": "The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-33879",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.07949",
                            "published_at": "2026-06-04T12:55:00Z"
                        },
                        {
                            "value": "0.00027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.07981",
                            "published_at": "2026-06-05T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-33879"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33879",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33879"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://lists.apache.org/thread/wfno8mf5nlcvbs78z93q9thgrm30wwfh",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.apache.org/thread/wfno8mf5nlcvbs78z93q9thgrm30wwfh"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33879",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33879"
                },
                {
                    "reference_url": "https://security.netapp.com/advisory/ntap-20220812-0004",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.netapp.com/advisory/ntap-20220812-0004"
                },
                {
                    "reference_url": "https://security.netapp.com/advisory/ntap-20220812-0004/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.netapp.com/advisory/ntap-20220812-0004/"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2022/06/27/5",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.openwall.com/lists/oss-security/2022/06/27/5"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002",
                    "reference_id": "1015002",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-6q8v-2hvm-fx37",
                    "reference_id": "GHSA-6q8v-2hvm-fx37",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-6q8v-2hvm-fx37"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/7529-1/",
                    "reference_id": "USN-7529-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/7529-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/503956?format=api",
                    "purl": "pkg:maven/org.apache.tika/tika-server@1.28.4",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-server@1.28.4"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/503957?format=api",
                    "purl": "pkg:maven/org.apache.tika/tika-server@2.4.1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-server@2.4.1"
                }
            ],
            "aliases": [
                "CVE-2022-33879",
                "GHSA-6q8v-2hvm-fx37"
            ],
            "risk_score": 1.5,
            "exploitability": "0.5",
            "weighted_severity": "3.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8qc9-3mxe-8ydp"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39590?format=api",
            "vulnerability_id": "VCID-uyg4-mswu-s3f5",
            "summary": "Code Injection\nFrom Apache Tika, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients.",
            "references": [
                {
                    "reference_url": "http://packetstormsecurity.com/files/153864/Apache-Tika-1.17-Header-Command-Injection.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://packetstormsecurity.com/files/153864/Apache-Tika-1.17-Header-Command-Injection.html"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:3140",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://access.redhat.com/errata/RHSA-2019:3140"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1335.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1335.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1335",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.93876",
                            "scoring_system": "epss",
                            "scoring_elements": "0.99881",
                            "published_at": "2026-06-05T12:55:00Z"
                        },
                        {
                            "value": "0.93876",
                            "scoring_system": "epss",
                            "scoring_elements": "0.9988",
                            "published_at": "2026-06-04T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1335"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1335",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1335"
                },
                {
                    "reference_url": "https://github.com/apache/tika/commit/302f22aff7a836868b270038e1d66002a2004869",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/apache/tika/commit/302f22aff7a836868b270038e1d66002a2004869"
                },
                {
                    "reference_url": "https://github.com/apache/tika/commit/4fdc51a40bf9532d7db57d0b08c1aec3931468ad",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/apache/tika/commit/4fdc51a40bf9532d7db57d0b08c1aec3931468ad"
                },
                {
                    "reference_url": "https://github.com/apache/tika/commit/5d983aad0b68a228f180686a4135ed8c7cd589f1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/apache/tika/commit/5d983aad0b68a228f180686a4135ed8c7cd589f1"
                },
                {
                    "reference_url": "https://github.com/apache/tika/commit/b2d3932b847a171a85e356aa230af461a0f80d91",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/apache/tika/commit/b2d3932b847a171a85e356aa230af461a0f80d91"
                },
                {
                    "reference_url": "https://github.com/apache/tika/commit/d1bc09386405d28d6b0f0a29ce8c3e7efd72d6c7",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/apache/tika/commit/d1bc09386405d28d6b0f0a29ce8c3e7efd72d6c7"
                },
                {
                    "reference_url": "https://github.com/apache/tika/commit/e82c2efd2b1ac731b6954634741b70ecf0ed6f01",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/apache/tika/commit/e82c2efd2b1ac731b6954634741b70ecf0ed6f01"
                },
                {
                    "reference_url": "https://github.com/apache/tika/commit/ffb48dd29d0c2009490caefda75e5b57c7958c51",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/apache/tika/commit/ffb48dd29d0c2009490caefda75e5b57c7958c51"
                },
                {
                    "reference_url": "https://lists.apache.org/thread.html/b3ed4432380af767effd4c6f27665cc7b2686acccbefeb9f55851dca@%3Cdev.tika.apache.org%3E",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.apache.org/thread.html/b3ed4432380af767effd4c6f27665cc7b2686acccbefeb9f55851dca@%3Cdev.tika.apache.org%3E"
                },
                {
                    "reference_url": "https://www.exploit-db.com/exploits/46540",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://www.exploit-db.com/exploits/46540"
                },
                {
                    "reference_url": "https://www.exploit-db.com/exploits/46540/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.exploit-db.com/exploits/46540/"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/104001",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.securityfocus.com/bid/104001"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572416",
                    "reference_id": "1572416",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572416"
                },
                {
                    "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/46540.py",
                    "reference_id": "CVE-2018-1335",
                    "reference_type": "exploit",
                    "scores": [],
                    "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/46540.py"
                },
                {
                    "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/47208.rb",
                    "reference_id": "CVE-2018-1335",
                    "reference_type": "exploit",
                    "scores": [],
                    "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/47208.rb"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1335",
                    "reference_id": "CVE-2018-1335",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1335"
                },
                {
                    "reference_url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/apache_tika_jp2_jscript.rb",
                    "reference_id": "CVE-2018-1335",
                    "reference_type": "exploit",
                    "scores": [],
                    "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/apache_tika_jp2_jscript.rb"
                },
                {
                    "reference_url": "https://rhinosecuritylabs.com/application-security/exploiting-cve-2018-1335-apache-tika/",
                    "reference_id": "CVE-2018-1335",
                    "reference_type": "exploit",
                    "scores": [],
                    "url": "https://rhinosecuritylabs.com/application-security/exploiting-cve-2018-1335-apache-tika/"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-9r24-gp44-h3pm",
                    "reference_id": "GHSA-9r24-gp44-h3pm",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-9r24-gp44-h3pm"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/55411?format=api",
                    "purl": "pkg:maven/org.apache.tika/tika-server@1.18",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-42ad-sh45-7fev"
                        },
                        {
                            "vulnerability": "VCID-8qc9-3mxe-8ydp"
                        },
                        {
                            "vulnerability": "VCID-zj8z-ja31-mkcr"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-server@1.18"
                }
            ],
            "aliases": [
                "CVE-2018-1335",
                "GHSA-9r24-gp44-h3pm"
            ],
            "risk_score": 10.0,
            "exploitability": "2.0",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uyg4-mswu-s3f5"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102612?format=api",
            "vulnerability_id": "VCID-zj8z-ja31-mkcr",
            "summary": "tika-core: incomplete fix for CVE-2022-30126",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30973.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.1",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30973.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30973",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0025",
                            "scoring_system": "epss",
                            "scoring_elements": "0.48449",
                            "published_at": "2026-06-05T12:55:00Z"
                        },
                        {
                            "value": "0.0025",
                            "scoring_system": "epss",
                            "scoring_elements": "0.48387",
                            "published_at": "2026-06-04T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30973"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-rpjm-422r-95mh",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-rpjm-422r-95mh"
                },
                {
                    "reference_url": "https://github.com/apache/tika",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/apache/tika"
                },
                {
                    "reference_url": "https://github.com/apache/tika/commit/a36711610fa1f6f5ba0f594803415af795e0b265",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/apache/tika/commit/a36711610fa1f6f5ba0f594803415af795e0b265"
                },
                {
                    "reference_url": "https://github.com/apache/tika/commit/e76302196ebcafb7b51fce37fbe8256e6c0fbc51",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/apache/tika/commit/e76302196ebcafb7b51fce37fbe8256e6c0fbc51"
                },
                {
                    "reference_url": "https://lists.apache.org/thread/gqvb5t4p7tmdpl0y5bdbf72pgxj04h7p",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.apache.org/thread/gqvb5t4p7tmdpl0y5bdbf72pgxj04h7p"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30973",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30973"
                },
                {
                    "reference_url": "https://security.netapp.com/advisory/ntap-20220722-0004",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.netapp.com/advisory/ntap-20220722-0004"
                },
                {
                    "reference_url": "https://security.netapp.com/advisory/ntap-20220722-0004/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.netapp.com/advisory/ntap-20220722-0004/"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2022/05/31/2",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.openwall.com/lists/oss-security/2022/05/31/2"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2022/06/27/5",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.openwall.com/lists/oss-security/2022/06/27/5"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099553",
                    "reference_id": "2099553",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099553"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2022:7257",
                    "reference_id": "RHSA-2022:7257",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2022:7257"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/7529-1/",
                    "reference_id": "USN-7529-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/7529-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/503744?format=api",
                    "purl": "pkg:maven/org.apache.tika/tika-server@1.28.3",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-8qc9-3mxe-8ydp"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-server@1.28.3"
                }
            ],
            "aliases": [
                "CVE-2022-30973",
                "GHSA-qw3f-w4pf-jh5f"
            ],
            "risk_score": 3.1,
            "exploitability": "0.5",
            "weighted_severity": "6.2",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zj8z-ja31-mkcr"
        }
    ],
    "fixing_vulnerabilities": [],
    "risk_score": "10.0",
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-server@1.16"
}