Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/413477?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/413477?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@1.10", "type": "maven", "namespace": "org.apache.tika", "name": "tika-parsers", "version": "1.10", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.4.1", "latest_non_vulnerable_version": "2.4.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201989?format=api", "vulnerability_id": "VCID-18h6-kuqz-u7ey", "summary": "Moderate severity vulnerability that affects org.apache.tika:tika-core", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1338.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1338.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03002", "scoring_system": "epss", "scoring_elements": "0.86871", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03002", "scoring_system": "epss", "scoring_elements": "0.86929", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03002", "scoring_system": "epss", "scoring_elements": "0.86918", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1338" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1338" }, { "reference_url": "https://lists.apache.org/thread.html/4d20c5748fb9f836653bc78a1bad991ba8485d82a1e821f70b641932@%3Cdev.tika.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/4d20c5748fb9f836653bc78a1bad991ba8485d82a1e821f70b641932@%3Cdev.tika.apache.org%3E" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572421", "reference_id": "1572421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572421" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1338", "reference_id": "CVE-2018-1338", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1338" }, { "reference_url": "https://github.com/advisories/GHSA-5mf7-26mw-3rqr", "reference_id": "GHSA-5mf7-26mw-3rqr", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5mf7-26mw-3rqr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14075?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k9nz-6k84-1ff9" }, { "vulnerability": "VCID-kqc4-vufh-xfcd" }, { "vulnerability": "VCID-p5rg-wubx-fyh9" }, { "vulnerability": "VCID-qmn1-cfdv-4fg3" }, { "vulnerability": "VCID-shf6-6dhf-f7g7" }, { "vulnerability": "VCID-t9mf-yf9h-xqdz" }, { "vulnerability": "VCID-vzy7-7b4u-jff1" }, { "vulnerability": "VCID-ws7p-w1vr-tkf6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@1.18" } ], "aliases": [ "CVE-2018-1338", "GHSA-5mf7-26mw-3rqr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-18h6-kuqz-u7ey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4577?format=api", "vulnerability_id": "VCID-k9nz-6k84-1ff9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11796.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11796.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11796", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0394", "scoring_system": "epss", "scoring_elements": "0.88651", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0394", "scoring_system": "epss", "scoring_elements": "0.88605", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0394", "scoring_system": "epss", "scoring_elements": "0.88644", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11796" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/tika", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tika" }, { "reference_url": "https://lists.apache.org/thread.html/88de8350cda9b184888ec294c813c5bd8a2081de8fd3666f8904bc05@%3Cdev.tika.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/88de8350cda9b184888ec294c813c5bd8a2081de8fd3666f8904bc05@%3Cdev.tika.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190903-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190903-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190903-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190903-0002/" }, { "reference_url": "http://www.securityfocus.com/bid/105585", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/105585" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1639090", "reference_id": "1639090", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1639090" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11796", "reference_id": "CVE-2018-11796", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11796" }, { "reference_url": "https://github.com/advisories/GHSA-h8q5-g2cj-qr5h", "reference_id": "GHSA-h8q5-g2cj-qr5h", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h8q5-g2cj-qr5h" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3892", "reference_id": "RHSA-2019:3892", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3892" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390787?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@1.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8r17-z7sd-43fm" }, { "vulnerability": "VCID-p5rg-wubx-fyh9" }, { "vulnerability": "VCID-qmn1-cfdv-4fg3" }, { "vulnerability": "VCID-shf6-6dhf-f7g7" }, { "vulnerability": "VCID-t9mf-yf9h-xqdz" }, { "vulnerability": "VCID-vzy7-7b4u-jff1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@1.19.1" } ], "aliases": [ "CVE-2018-11796", "GHSA-h8q5-g2cj-qr5h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k9nz-6k84-1ff9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4567?format=api", "vulnerability_id": "VCID-kqc4-vufh-xfcd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11761.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11761.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11761", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11027", "scoring_system": "epss", "scoring_elements": "0.93625", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.11027", "scoring_system": "epss", "scoring_elements": "0.93629", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.11027", "scoring_system": "epss", "scoring_elements": "0.93604", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11761" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/tika/commit/4e67928412ad56333d400f3728ecdb59d07d9d63", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tika/commit/4e67928412ad56333d400f3728ecdb59d07d9d63" }, { "reference_url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "http://www.securityfocus.com/bid/105514", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/105514" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632462", "reference_id": "1632462", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632462" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11761", "reference_id": "CVE-2018-11761", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11761" }, { "reference_url": "https://github.com/advisories/GHSA-6jq2-789q-fff2", "reference_id": "GHSA-6jq2-789q-fff2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6jq2-789q-fff2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/15523?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@1.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8r17-z7sd-43fm" }, { "vulnerability": "VCID-k9nz-6k84-1ff9" }, { "vulnerability": "VCID-p5rg-wubx-fyh9" }, { "vulnerability": "VCID-qmn1-cfdv-4fg3" }, { "vulnerability": "VCID-shf6-6dhf-f7g7" }, { "vulnerability": "VCID-t9mf-yf9h-xqdz" }, { "vulnerability": "VCID-vzy7-7b4u-jff1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@1.19" } ], "aliases": [ "CVE-2018-11761", "GHSA-6jq2-789q-fff2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kqc4-vufh-xfcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201977?format=api", "vulnerability_id": "VCID-n2f5-b9kg-rbfq", "summary": "org.apache.tika:tika-parsers has an Infinite Loop vulnerability", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2669" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1339.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1339.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04517", "scoring_system": "epss", "scoring_elements": "0.89396", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04517", "scoring_system": "epss", "scoring_elements": "0.8944", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.04517", "scoring_system": "epss", "scoring_elements": "0.89433", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1339" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1339", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1339" }, { "reference_url": "https://github.com/apache/tika", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tika" }, { "reference_url": "https://github.com/apache/tika/commit/1b6ca3685c196cfd89f5f95c19cc919ce10c5aff#diff-43f8cbe58aaab159ce88bd95fafc46dd", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tika/commit/1b6ca3685c196cfd89f5f95c19cc919ce10c5aff#diff-43f8cbe58aaab159ce88bd95fafc46dd" }, { "reference_url": "https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828@%3Cdev.tika.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828@%3Cdev.tika.apache.org%3E" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572424", "reference_id": "1572424", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572424" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900000", "reference_id": "900000", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900000" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1339", "reference_id": "CVE-2018-1339", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1339" }, { "reference_url": "https://github.com/advisories/GHSA-p699-3wgc-7h72", "reference_id": "GHSA-p699-3wgc-7h72", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p699-3wgc-7h72" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14075?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k9nz-6k84-1ff9" }, { "vulnerability": "VCID-kqc4-vufh-xfcd" }, { "vulnerability": "VCID-p5rg-wubx-fyh9" }, { "vulnerability": "VCID-qmn1-cfdv-4fg3" }, { "vulnerability": "VCID-shf6-6dhf-f7g7" }, { "vulnerability": "VCID-t9mf-yf9h-xqdz" }, { "vulnerability": "VCID-vzy7-7b4u-jff1" }, { "vulnerability": "VCID-ws7p-w1vr-tkf6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@1.18" } ], "aliases": [ "CVE-2018-1339", "GHSA-p699-3wgc-7h72" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n2f5-b9kg-rbfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12114?format=api", "vulnerability_id": "VCID-p5rg-wubx-fyh9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-33879", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08017", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08013", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07982", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-33879" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33879" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread/wfno8mf5nlcvbs78z93q9thgrm30wwfh", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/wfno8mf5nlcvbs78z93q9thgrm30wwfh" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220812-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220812-0004" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220812-0004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220812-0004/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/06/27/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/06/27/5" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002", "reference_id": "1015002", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33879", "reference_id": "CVE-2022-33879", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33879" }, { "reference_url": "https://github.com/advisories/GHSA-6q8v-2hvm-fx37", "reference_id": "GHSA-6q8v-2hvm-fx37", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6q8v-2hvm-fx37" }, { "reference_url": "https://usn.ubuntu.com/7529-1/", "reference_id": "USN-7529-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7529-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/574518?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@1.28.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-shf6-6dhf-f7g7" }, { "vulnerability": "VCID-t9mf-yf9h-xqdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@1.28.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/574524?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@2.4.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@2.4.1" } ], "aliases": [ "CVE-2022-33879", "GHSA-6q8v-2hvm-fx37" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p5rg-wubx-fyh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9295?format=api", "vulnerability_id": "VCID-qmn1-cfdv-4fg3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28657.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28657.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28657", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.4487", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00649", "scoring_system": "epss", "scoring_elements": "0.71383", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00649", "scoring_system": "epss", "scoring_elements": "0.71396", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28657" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28657" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r915add4aa52c60d1b5cf085039cfa73a98d7fae9673374dfd7744b5a%40%3Cdev.tika.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r915add4aa52c60d1b5cf085039cfa73a98d7fae9673374dfd7744b5a%40%3Cdev.tika.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28657", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28657" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210507-0004" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210507-0004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210507-0004/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944881", "reference_id": "1944881", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944881" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986805", "reference_id": "986805", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986805" }, { "reference_url": "https://github.com/advisories/GHSA-567x-m4wm-87v8", "reference_id": "GHSA-567x-m4wm-87v8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-567x-m4wm-87v8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/492291?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@1.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-p5rg-wubx-fyh9" }, { "vulnerability": "VCID-shf6-6dhf-f7g7" }, { "vulnerability": "VCID-t9mf-yf9h-xqdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@1.26" } ], "aliases": [ "CVE-2021-28657", "GHSA-567x-m4wm-87v8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qmn1-cfdv-4fg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30708?format=api", "vulnerability_id": "VCID-tu75-wb2b-17c3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6809.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6809.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6809", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07049", "scoring_system": "epss", "scoring_elements": "0.91718", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.07049", "scoring_system": "epss", "scoring_elements": "0.9169", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.07049", "scoring_system": "epss", "scoring_elements": "0.91725", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6809" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6809" }, { "reference_url": "https://dist.apache.org/repos/dist/release/tika/CHANGES-1.14.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://dist.apache.org/repos/dist/release/tika/CHANGES-1.14.txt" }, { "reference_url": "http://seclists.org/bugtraq/2016/Nov/40", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/bugtraq/2016/Nov/40" }, { "reference_url": "https://github.com/apache/tika", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tika" }, { "reference_url": "https://github.com/apache/tika/commit/8a68b5d474205cc91cbbb610d4a1c05af57f0610", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tika/commit/8a68b5d474205cc91cbbb610d4a1c05af57f0610" }, { "reference_url": "https://lists.apache.org/thread.html/91eb639ef619b9a26b40020ca6732e7dbe457f7322ed5f1df49e411a@%3Cdev.nutch.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/91eb639ef619b9a26b40020ca6732e7dbe457f7322ed5f1df49e411a@%3Cdev.nutch.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/d2375da29d89e679abf5d845db76d6f798fdc6f7d44f2c788e8a0fb9@%3Cuser.nutch.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/d2375da29d89e679abf5d845db76d6f798fdc6f7d44f2c788e8a0fb9@%3Cuser.nutch.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/e414754a6c57ce7194b731e211cd6b2cbb41f2c7000e3fb9c6b6ec78@%3Cdev.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/e414754a6c57ce7194b731e211cd6b2cbb41f2c7000e3fb9c6b6ec78@%3Cdev.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2f6f6c130b12b7332f323f74d031072b1517065ce28a22346791ffb6@%3Cissues.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r2f6f6c130b12b7332f323f74d031072b1517065ce28a22346791ffb6@%3Cissues.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfd3646bb724b66b1a9ddef69e692da2b7a727a8799551c78eedf0a0f@%3Cissues.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rfd3646bb724b66b1a9ddef69e692da2b7a727a8799551c78eedf0a0f@%3Cissues.lucene.apache.org%3E" }, { "reference_url": "http://www.securityfocus.com/bid/94247", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94247" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1394156", "reference_id": "1394156", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1394156" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6809", "reference_id": "CVE-2016-6809", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6809" }, { "reference_url": "https://github.com/advisories/GHSA-j8g6-2wh7-6439", "reference_id": "GHSA-j8g6-2wh7-6439", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j8g6-2wh7-6439" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/389028?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@1.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18h6-kuqz-u7ey" }, { "vulnerability": "VCID-k9nz-6k84-1ff9" }, { "vulnerability": "VCID-kqc4-vufh-xfcd" }, { "vulnerability": "VCID-n2f5-b9kg-rbfq" }, { "vulnerability": "VCID-p5rg-wubx-fyh9" }, { "vulnerability": "VCID-qmn1-cfdv-4fg3" }, { "vulnerability": "VCID-shf6-6dhf-f7g7" }, { "vulnerability": "VCID-t9mf-yf9h-xqdz" }, { "vulnerability": "VCID-vzy7-7b4u-jff1" }, { "vulnerability": "VCID-ws7p-w1vr-tkf6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@1.14" } ], "aliases": [ "CVE-2016-6809", "GHSA-j8g6-2wh7-6439" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tu75-wb2b-17c3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5039?format=api", "vulnerability_id": "VCID-vzy7-7b4u-jff1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17197.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17197.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03108", "scoring_system": "epss", "scoring_elements": "0.87154", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03108", "scoring_system": "epss", "scoring_elements": "0.87163", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03108", "scoring_system": "epss", "scoring_elements": "0.87108", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17197" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/tika/commit/0c49c851979163334ea05cbebdd11ff87feba62d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tika/commit/0c49c851979163334ea05cbebdd11ff87feba62d" }, { "reference_url": "https://lists.apache.org/thread.html/7c021a4ea2037e52e74628e17e8e0e2acab1f447160edc8be0eae6d3@%3Cdev.tika.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/7c021a4ea2037e52e74628e17e8e0e2acab1f447160edc8be0eae6d3@%3Cdev.tika.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "http://www.securityfocus.com/bid/106293", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106293" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663925", "reference_id": "1663925", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663925" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17197", "reference_id": "CVE-2018-17197", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17197" }, { "reference_url": "https://github.com/advisories/GHSA-3448-vfvv-xp9g", "reference_id": "GHSA-3448-vfvv-xp9g", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3448-vfvv-xp9g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14636?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@1.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8r17-z7sd-43fm" }, { "vulnerability": "VCID-p5rg-wubx-fyh9" }, { "vulnerability": "VCID-qmn1-cfdv-4fg3" }, { "vulnerability": "VCID-shf6-6dhf-f7g7" }, { "vulnerability": "VCID-t9mf-yf9h-xqdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@1.20" } ], "aliases": [ "CVE-2018-17197", "GHSA-3448-vfvv-xp9g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vzy7-7b4u-jff1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5801?format=api", "vulnerability_id": "VCID-ws7p-w1vr-tkf6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8017.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8017.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02108", "scoring_system": "epss", "scoring_elements": "0.8452", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02108", "scoring_system": "epss", "scoring_elements": "0.84529", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02108", "scoring_system": "epss", "scoring_elements": "0.84464", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8017" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/tika", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tika" }, { "reference_url": "https://github.com/apache/tika/commit/62926cae31a02d4f23d21148435804b96c543cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tika/commit/62926cae31a02d4f23d21148435804b96c543cc" }, { "reference_url": "https://github.com/apache/tika/commit/8a6a9e1344f5b10ebfa1a189dc3c30d0da2b9d4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tika/commit/8a6a9e1344f5b10ebfa1a189dc3c30d0da2b9d4" }, { "reference_url": "https://lists.apache.org/thread.html/72df7a3f0dda49a912143a1404b489837a11f374dfd1961061873a91@%3Cdev.tika.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/72df7a3f0dda49a912143a1404b489837a11f374dfd1961061873a91@%3Cdev.tika.apache.org%3E" }, { "reference_url": "http://www.securityfocus.com/bid/105513", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/105513" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632466", "reference_id": "1632466", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632466" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914643", "reference_id": "914643", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914643" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8017", "reference_id": "CVE-2018-8017", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8017" }, { "reference_url": "https://github.com/advisories/GHSA-j53j-gmr9-h8g3", "reference_id": "GHSA-j53j-gmr9-h8g3", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j53j-gmr9-h8g3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/15523?format=api", "purl": "pkg:maven/org.apache.tika/tika-parsers@1.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8r17-z7sd-43fm" }, { "vulnerability": "VCID-k9nz-6k84-1ff9" }, { "vulnerability": "VCID-p5rg-wubx-fyh9" }, { "vulnerability": "VCID-qmn1-cfdv-4fg3" }, { "vulnerability": "VCID-shf6-6dhf-f7g7" }, { "vulnerability": "VCID-t9mf-yf9h-xqdz" }, { "vulnerability": "VCID-vzy7-7b4u-jff1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@1.19" } ], "aliases": [ "CVE-2018-8017", "GHSA-j53j-gmr9-h8g3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ws7p-w1vr-tkf6" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parsers@1.10" }