Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-j6j1-yp44-hqdt

Summary

Path Traversal
In a rare edge case where a user does not specify an extract directory on the commandline (`--extract-dir=`) and the input file has an embedded file with an absolute path, tika-app would overwrite that file.

Aliases

alias	CVE-2018-11762

alias	GHSA-w6g3-v46q-5p28

Fixed_packages

url	pkg:deb/debian/tika@1.20-1?distro=sid
purl	pkg:deb/debian/tika@1.20-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tika@1.20-1%3Fdistro=sid

url pkg:deb/debian/tika@1.20-1

purl pkg:deb/debian/tika@1.20-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-q319-5s6s-aqab

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-yetb-gykm-nyhf

vulnerability	VCID-yt8m-g5bf-wkf7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tika@1.20-1

url pkg:deb/debian/tika@1.22-2?distro=sid

purl pkg:deb/debian/tika@1.22-2?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q319-5s6s-aqab

vulnerability	VCID-yetb-gykm-nyhf

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tika@1.22-2%3Fdistro=sid

url pkg:maven/org.apache.tika/tika-app@1.19

purl pkg:maven/org.apache.tika/tika-app@1.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.19

url pkg:maven/org.apache.tika/tika-core@1.19

purl pkg:maven/org.apache.tika/tika-core@1.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-en59-hstj-8kc1

vulnerability	VCID-q319-5s6s-aqab

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-yt8m-g5bf-wkf7

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.19

Affected_packages

url pkg:deb/debian/tika@1.5-1

purl pkg:deb/debian/tika@1.5-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-q319-5s6s-aqab

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-yetb-gykm-nyhf

vulnerability	VCID-yt8m-g5bf-wkf7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tika@1.5-1

url pkg:maven/org.apache.tika/tika-app@0.9

purl pkg:maven/org.apache.tika/tika-app@0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@0.9

url pkg:maven/org.apache.tika/tika-app@0.10

purl pkg:maven/org.apache.tika/tika-app@0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@0.10

url pkg:maven/org.apache.tika/tika-app@1.0

purl pkg:maven/org.apache.tika/tika-app@1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.0

url pkg:maven/org.apache.tika/tika-app@1.1

purl pkg:maven/org.apache.tika/tika-app@1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.1

url pkg:maven/org.apache.tika/tika-app@1.2

purl pkg:maven/org.apache.tika/tika-app@1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.2

url pkg:maven/org.apache.tika/tika-app@1.3

purl pkg:maven/org.apache.tika/tika-app@1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.3

url pkg:maven/org.apache.tika/tika-app@1.4

purl pkg:maven/org.apache.tika/tika-app@1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.4

url pkg:maven/org.apache.tika/tika-app@1.5

purl pkg:maven/org.apache.tika/tika-app@1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.5

url pkg:maven/org.apache.tika/tika-app@1.6

purl pkg:maven/org.apache.tika/tika-app@1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.6

url pkg:maven/org.apache.tika/tika-app@1.7

purl pkg:maven/org.apache.tika/tika-app@1.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.7

url pkg:maven/org.apache.tika/tika-app@1.8

purl pkg:maven/org.apache.tika/tika-app@1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.8

url pkg:maven/org.apache.tika/tika-app@1.9

purl pkg:maven/org.apache.tika/tika-app@1.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.9

url pkg:maven/org.apache.tika/tika-app@1.10

purl pkg:maven/org.apache.tika/tika-app@1.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.10

url pkg:maven/org.apache.tika/tika-app@1.11

purl pkg:maven/org.apache.tika/tika-app@1.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.11

url pkg:maven/org.apache.tika/tika-app@1.12

purl pkg:maven/org.apache.tika/tika-app@1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.12

url pkg:maven/org.apache.tika/tika-app@1.13

purl pkg:maven/org.apache.tika/tika-app@1.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.13

url pkg:maven/org.apache.tika/tika-app@1.14

purl pkg:maven/org.apache.tika/tika-app@1.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.14

url pkg:maven/org.apache.tika/tika-app@1.15

purl pkg:maven/org.apache.tika/tika-app@1.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.15

url pkg:maven/org.apache.tika/tika-app@1.16

purl pkg:maven/org.apache.tika/tika-app@1.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.16

url pkg:maven/org.apache.tika/tika-app@1.17

purl pkg:maven/org.apache.tika/tika-app@1.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.17

url pkg:maven/org.apache.tika/tika-app@1.18

purl pkg:maven/org.apache.tika/tika-app@1.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-j6j1-yp44-hqdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-app@1.18

url pkg:maven/org.apache.tika/tika-core@0.9

purl pkg:maven/org.apache.tika/tika-core@0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@0.9

url pkg:maven/org.apache.tika/tika-core@0.10

purl pkg:maven/org.apache.tika/tika-core@0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@0.10

url pkg:maven/org.apache.tika/tika-core@1.0

purl pkg:maven/org.apache.tika/tika-core@1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.0

url pkg:maven/org.apache.tika/tika-core@1.1

purl pkg:maven/org.apache.tika/tika-core@1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.1

url pkg:maven/org.apache.tika/tika-core@1.2

purl pkg:maven/org.apache.tika/tika-core@1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.2

url pkg:maven/org.apache.tika/tika-core@1.3

purl pkg:maven/org.apache.tika/tika-core@1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.3

url pkg:maven/org.apache.tika/tika-core@1.4

purl pkg:maven/org.apache.tika/tika-core@1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.4

url pkg:maven/org.apache.tika/tika-core@1.5

purl pkg:maven/org.apache.tika/tika-core@1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.5

url pkg:maven/org.apache.tika/tika-core@1.6

purl pkg:maven/org.apache.tika/tika-core@1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.6

url pkg:maven/org.apache.tika/tika-core@1.7

purl pkg:maven/org.apache.tika/tika-core@1.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.7

url pkg:maven/org.apache.tika/tika-core@1.8

purl pkg:maven/org.apache.tika/tika-core@1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.8

url pkg:maven/org.apache.tika/tika-core@1.9

purl pkg:maven/org.apache.tika/tika-core@1.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.9

url pkg:maven/org.apache.tika/tika-core@1.10

purl pkg:maven/org.apache.tika/tika-core@1.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.10

url pkg:maven/org.apache.tika/tika-core@1.11

purl pkg:maven/org.apache.tika/tika-core@1.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.11

url pkg:maven/org.apache.tika/tika-core@1.12

purl pkg:maven/org.apache.tika/tika-core@1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-b19y-wyyt-4ff9

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.12

url pkg:maven/org.apache.tika/tika-core@1.13

purl pkg:maven/org.apache.tika/tika-core@1.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-7snd-ac5u-bydy

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-q319-5s6s-aqab

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.13

url pkg:maven/org.apache.tika/tika-core@1.14

purl pkg:maven/org.apache.tika/tika-core@1.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-q319-5s6s-aqab

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.14

url pkg:maven/org.apache.tika/tika-core@1.15

purl pkg:maven/org.apache.tika/tika-core@1.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-q319-5s6s-aqab

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.15

url pkg:maven/org.apache.tika/tika-core@1.16

purl pkg:maven/org.apache.tika/tika-core@1.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-q319-5s6s-aqab

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.16

url pkg:maven/org.apache.tika/tika-core@1.17

purl pkg:maven/org.apache.tika/tika-core@1.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-7d9k-ekje-fbe1

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-en59-hstj-8kc1

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-q319-5s6s-aqab

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-uyg4-mswu-s3f5

vulnerability	VCID-x3y9-rbfc-47b8

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.17

url pkg:maven/org.apache.tika/tika-core@1.18

purl pkg:maven/org.apache.tika/tika-core@1.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2yb7-v3m7-3ffz

vulnerability	VCID-2yxn-wffn-x7gr

vulnerability	VCID-42ad-sh45-7fev

vulnerability	VCID-8qc9-3mxe-8ydp

vulnerability	VCID-98bu-vqgb-x7a8

vulnerability	VCID-c7gc-egj2-2yb9

vulnerability	VCID-dc2n-xs2k-abbz

vulnerability	VCID-en59-hstj-8kc1

vulnerability	VCID-j6j1-yp44-hqdt

vulnerability	VCID-jyak-stwf-f3gw

vulnerability	VCID-q319-5s6s-aqab

vulnerability	VCID-r5jk-9f46-rygg

vulnerability	VCID-uj1b-pk9r-ryhz

vulnerability	VCID-zj8z-ja31-mkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.18

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11762.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11762.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-11762

reference_id

reference_type

scores

value	0.00866
scoring_system	epss
scoring_elements	0.75521
published_at	2026-06-05T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75525
published_at	2026-06-06T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75492
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-11762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11762

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/apache/tika/commit/a09d853dbed712f644e274b497cce254f3189d57
reference_id
reference_type
scores
url	https://github.com/apache/tika/commit/a09d853dbed712f644e274b497cce254f3189d57

reference_url

https://lists.apache.org/thread.html/ab2e1af38975f5fc462ba89b517971ef892ec3d06bee12ea2258895b@%3Cdev.tika.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ab2e1af38975f5fc462ba89b517971ef892ec3d06bee12ea2258895b@%3Cdev.tika.apache.org%3E

reference_url

http://www.securityfocus.com/bid/105515

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/105515

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1632469
reference_id	1632469
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1632469

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-11762

reference_id

CVE-2018-11762

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-11762

reference_url

https://github.com/advisories/GHSA-w6g3-v46q-5p28

reference_id

GHSA-w6g3-v46q-5p28

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-w6g3-v46q-5p28

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	22
name	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
description	The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 4.0 - 7.5

Exploitability 0.5

Weighted_severity 6.8

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j6j1-yp44-hqdt

Vulnerability Instance