Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tika/tika@1.18
Typemaven
Namespaceorg.apache.tika
Nametika
Version1.18
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.28.4
Latest_non_vulnerable_version2.4.1
Affected_by_vulnerabilities
0
url VCID-2yb7-v3m7-3ffz
vulnerability_id VCID-2yb7-v3m7-3ffz
summary 
Uncontrolled Resource Consumption
A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1950.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1950.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1950
reference_id
reference_type
scores
0
value 0.00417
scoring_system epss
scoring_elements 0.62138
published_at 2026-06-07T12:55:00Z
1
value 0.00417
scoring_system epss
scoring_elements 0.62123
published_at 2026-06-08T12:55:00Z
2
value 0.00417
scoring_system epss
scoring_elements 0.62093
published_at 2026-06-04T12:55:00Z
3
value 0.00417
scoring_system epss
scoring_elements 0.62142
published_at 2026-06-05T12:55:00Z
4
value 0.00417
scoring_system epss
scoring_elements 0.62149
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1950
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1950
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1950
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tika
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika
5
reference_url https://lists.apache.org/thread.html/r463b1a67817ae55fe022536edd6db34e8f9636971188430cbcf8a8dd%40%3Cdev.tika.apache.org%3E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r463b1a67817ae55fe022536edd6db34e8f9636971188430cbcf8a8dd%40%3Cdev.tika.apache.org%3E
6
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00035.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/03/msg00035.html
7
reference_url https://usn.ubuntu.com/4564-1
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4564-1
8
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
9
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1822759
reference_id 1822759
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1822759
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954303
reference_id 954303
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954303
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1950
reference_id CVE-2020-1950
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1950
13
reference_url https://github.com/advisories/GHSA-3h29-52vh-pqgr
reference_id GHSA-3h29-52vh-pqgr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3h29-52vh-pqgr
14
reference_url https://access.redhat.com/errata/RHSA-2020:5568
reference_id RHSA-2020:5568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5568
15
reference_url https://usn.ubuntu.com/4564-1/
reference_id USN-4564-1
reference_type
scores
url https://usn.ubuntu.com/4564-1/
16
reference_url https://usn.ubuntu.com/7529-1/
reference_id USN-7529-1
reference_type
scores
url https://usn.ubuntu.com/7529-1/
fixed_packages
0
url pkg:maven/org.apache.tika/tika@1.24
purl pkg:maven/org.apache.tika/tika@1.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42ad-sh45-7fev
1
vulnerability VCID-8qc9-3mxe-8ydp
2
vulnerability VCID-en59-hstj-8kc1
3
vulnerability VCID-eu4h-uqdw-n7ez
4
vulnerability VCID-yhgb-qh1t-3qhj
5
vulnerability VCID-zj8z-ja31-mkcr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@1.24
aliases CVE-2020-1950, GHSA-3h29-52vh-pqgr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2yb7-v3m7-3ffz
1
url VCID-42ad-sh45-7fev
vulnerability_id VCID-42ad-sh45-7fev
summary 
Loop with Unreachable Exit Condition (Infinite Loop)
A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28657.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28657.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-28657
reference_id
reference_type
scores
0
value 0.00221
scoring_system epss
scoring_elements 0.44803
published_at 2026-06-08T12:55:00Z
1
value 0.00221
scoring_system epss
scoring_elements 0.44778
published_at 2026-06-04T12:55:00Z
2
value 0.00221
scoring_system epss
scoring_elements 0.44847
published_at 2026-06-05T12:55:00Z
3
value 0.00221
scoring_system epss
scoring_elements 0.44853
published_at 2026-06-06T12:55:00Z
4
value 0.00221
scoring_system epss
scoring_elements 0.44832
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-28657
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28657
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28657
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r915add4aa52c60d1b5cf085039cfa73a98d7fae9673374dfd7744b5a%40%3Cdev.tika.apache.org%3E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r915add4aa52c60d1b5cf085039cfa73a98d7fae9673374dfd7744b5a%40%3Cdev.tika.apache.org%3E
6
reference_url https://security.netapp.com/advisory/ntap-20210507-0004
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210507-0004
7
reference_url https://security.netapp.com/advisory/ntap-20210507-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210507-0004/
8
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
9
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1944881
reference_id 1944881
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1944881
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986805
reference_id 986805
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986805
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-28657
reference_id CVE-2021-28657
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-28657
13
reference_url https://github.com/advisories/GHSA-567x-m4wm-87v8
reference_id GHSA-567x-m4wm-87v8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-567x-m4wm-87v8
fixed_packages
0
url pkg:maven/org.apache.tika/tika@1.26
purl pkg:maven/org.apache.tika/tika@1.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8qc9-3mxe-8ydp
1
vulnerability VCID-en59-hstj-8kc1
2
vulnerability VCID-eu4h-uqdw-n7ez
3
vulnerability VCID-zj8z-ja31-mkcr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@1.26
aliases CVE-2021-28657, GHSA-567x-m4wm-87v8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-42ad-sh45-7fev
2
url VCID-8qc9-3mxe-8ydp
vulnerability_id VCID-8qc9-3mxe-8ydp
summary The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-33879
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07949
published_at 2026-06-04T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07923
published_at 2026-06-08T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07972
published_at 2026-06-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07996
published_at 2026-06-06T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07981
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-33879
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33879
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33879
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://lists.apache.org/thread/wfno8mf5nlcvbs78z93q9thgrm30wwfh
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/wfno8mf5nlcvbs78z93q9thgrm30wwfh
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-33879
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-33879
5
reference_url https://security.netapp.com/advisory/ntap-20220812-0004
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220812-0004
6
reference_url https://security.netapp.com/advisory/ntap-20220812-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220812-0004/
7
reference_url http://www.openwall.com/lists/oss-security/2022/06/27/5
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/06/27/5
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002
reference_id 1015002
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002
9
reference_url https://github.com/advisories/GHSA-6q8v-2hvm-fx37
reference_id GHSA-6q8v-2hvm-fx37
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6q8v-2hvm-fx37
10
reference_url https://usn.ubuntu.com/7529-1/
reference_id USN-7529-1
reference_type
scores
url https://usn.ubuntu.com/7529-1/
fixed_packages
0
url pkg:maven/org.apache.tika/tika@1.28.4
purl pkg:maven/org.apache.tika/tika@1.28.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@1.28.4
1
url pkg:maven/org.apache.tika/tika@2.4.1
purl pkg:maven/org.apache.tika/tika@2.4.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@2.4.1
aliases CVE-2022-33879, GHSA-6q8v-2hvm-fx37
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8qc9-3mxe-8ydp
3
url VCID-en59-hstj-8kc1
vulnerability_id VCID-en59-hstj-8kc1
summary tika-core: Regular Expression Denial of Service in standards extractor
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30126.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30126.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30126
reference_id
reference_type
scores
0
value 0.00536
scoring_system epss
scoring_elements 0.67834
published_at 2026-06-08T12:55:00Z
1
value 0.00536
scoring_system epss
scoring_elements 0.67859
published_at 2026-06-06T12:55:00Z
2
value 0.00536
scoring_system epss
scoring_elements 0.67812
published_at 2026-06-04T12:55:00Z
3
value 0.00536
scoring_system epss
scoring_elements 0.67848
published_at 2026-06-07T12:55:00Z
4
value 0.00536
scoring_system epss
scoring_elements 0.67852
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30126
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30126
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30126
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-qw3f-w4pf-jh5f
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-qw3f-w4pf-jh5f
5
reference_url https://github.com/apache/tika
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika
6
reference_url https://github.com/apache/tika/commit/83b0de4d60161ebd4bc224141a959ac8c18d95f4
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/83b0de4d60161ebd4bc224141a959ac8c18d95f4
7
reference_url https://github.com/apache/tika/commit/a36711610fa1f6f5ba0f594803415af795e0b265
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/a36711610fa1f6f5ba0f594803415af795e0b265
8
reference_url https://github.com/apache/tika/commit/e76302196ebcafb7b51fce37fbe8256e6c0fbc51
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/e76302196ebcafb7b51fce37fbe8256e6c0fbc51
9
reference_url https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30126
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30126
11
reference_url https://security.netapp.com/advisory/ntap-20220624-0004
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220624-0004
12
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
13
reference_url http://www.openwall.com/lists/oss-security/2022/05/16/3
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/16/3
14
reference_url http://www.openwall.com/lists/oss-security/2022/05/31/2
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/31/2
15
reference_url http://www.openwall.com/lists/oss-security/2022/06/27/5
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/06/27/5
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002
reference_id 1015002
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2088523
reference_id 2088523
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2088523
18
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
19
reference_url https://usn.ubuntu.com/7529-1/
reference_id USN-7529-1
reference_type
scores
url https://usn.ubuntu.com/7529-1/
fixed_packages
0
url pkg:maven/org.apache.tika/tika@1.28.2
purl pkg:maven/org.apache.tika/tika@1.28.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8qc9-3mxe-8ydp
1
vulnerability VCID-zj8z-ja31-mkcr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@1.28.2
1
url pkg:maven/org.apache.tika/tika@2.4.0
purl pkg:maven/org.apache.tika/tika@2.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8qc9-3mxe-8ydp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@2.4.0
aliases CVE-2022-30126, GHSA-rpjm-422r-95mh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-en59-hstj-8kc1
4
url VCID-eu4h-uqdw-n7ez
vulnerability_id VCID-eu4h-uqdw-n7ez
summary 
Allocation of Resources Without Limits or Throttling
The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25169
reference_id
reference_type
scores
0
value 0.0027
scoring_system epss
scoring_elements 0.50712
published_at 2026-06-07T12:55:00Z
1
value 0.0027
scoring_system epss
scoring_elements 0.50682
published_at 2026-06-08T12:55:00Z
2
value 0.0027
scoring_system epss
scoring_elements 0.50726
published_at 2026-06-05T12:55:00Z
3
value 0.0027
scoring_system epss
scoring_elements 0.50665
published_at 2026-06-04T12:55:00Z
4
value 0.0027
scoring_system epss
scoring_elements 0.50732
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25169
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25169
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tika
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika
4
reference_url https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk
5
reference_url https://security.netapp.com/advisory/ntap-20220804-0004
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220804-0004
6
reference_url https://security.netapp.com/advisory/ntap-20220804-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220804-0004/
7
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
8
reference_url http://www.openwall.com/lists/oss-security/2022/05/16/4
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/16/4
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002
reference_id 1015002
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25169
reference_id CVE-2022-25169
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25169
11
reference_url https://github.com/advisories/GHSA-7qcq-xp2f-56f6
reference_id GHSA-7qcq-xp2f-56f6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7qcq-xp2f-56f6
fixed_packages
0
url pkg:maven/org.apache.tika/tika@1.28.2
purl pkg:maven/org.apache.tika/tika@1.28.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8qc9-3mxe-8ydp
1
vulnerability VCID-zj8z-ja31-mkcr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@1.28.2
1
url pkg:maven/org.apache.tika/tika@2.4.0
purl pkg:maven/org.apache.tika/tika@2.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8qc9-3mxe-8ydp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@2.4.0
aliases CVE-2022-25169, GHSA-7qcq-xp2f-56f6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eu4h-uqdw-n7ez
5
url VCID-uj1b-pk9r-ryhz
vulnerability_id VCID-uj1b-pk9r-ryhz
summary 
Loop with Unreachable Exit Condition (Infinite Loop)
A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1951
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43495
published_at 2026-06-06T12:55:00Z
1
value 0.0021
scoring_system epss
scoring_elements 0.43438
published_at 2026-06-08T12:55:00Z
2
value 0.0021
scoring_system epss
scoring_elements 0.43413
published_at 2026-06-04T12:55:00Z
3
value 0.0021
scoring_system epss
scoring_elements 0.43472
published_at 2026-06-07T12:55:00Z
4
value 0.0021
scoring_system epss
scoring_elements 0.43485
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1951
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1951
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1951
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tika
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika
4
reference_url https://lists.apache.org/thread.html/rd8c1b42bd0e31870d804890b3f00b13d837c528f7ebaf77031323172%40%3Cdev.tika.apache.org%3E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd8c1b42bd0e31870d804890b3f00b13d837c528f7ebaf77031323172%40%3Cdev.tika.apache.org%3E
5
reference_url https://lists.debian.org/debian-lts-announce/2020/03/msg00035.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/03/msg00035.html
6
reference_url https://usn.ubuntu.com/4564-1
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4564-1
7
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
8
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954302
reference_id 954302
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954302
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1951
reference_id CVE-2020-1951
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-1951
11
reference_url https://github.com/advisories/GHSA-3264-3fm9-fg44
reference_id GHSA-3264-3fm9-fg44
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3264-3fm9-fg44
12
reference_url https://usn.ubuntu.com/4564-1/
reference_id USN-4564-1
reference_type
scores
url https://usn.ubuntu.com/4564-1/
13
reference_url https://usn.ubuntu.com/7529-1/
reference_id USN-7529-1
reference_type
scores
url https://usn.ubuntu.com/7529-1/
fixed_packages
0
url pkg:maven/org.apache.tika/tika@1.24
purl pkg:maven/org.apache.tika/tika@1.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42ad-sh45-7fev
1
vulnerability VCID-8qc9-3mxe-8ydp
2
vulnerability VCID-en59-hstj-8kc1
3
vulnerability VCID-eu4h-uqdw-n7ez
4
vulnerability VCID-yhgb-qh1t-3qhj
5
vulnerability VCID-zj8z-ja31-mkcr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@1.24
aliases CVE-2020-1951, GHSA-3264-3fm9-fg44
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uj1b-pk9r-ryhz
6
url VCID-yhgb-qh1t-3qhj
vulnerability_id VCID-yhgb-qh1t-3qhj
summary 
Missing Release of Memory after Effective Lifetime
A carefully crafted or corrupt file may trigger a `System.exit` in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9489.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9489.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-9489
reference_id
reference_type
scores
0
value 0.0039
scoring_system epss
scoring_elements 0.60409
published_at 2026-06-08T12:55:00Z
1
value 0.0039
scoring_system epss
scoring_elements 0.60425
published_at 2026-06-07T12:55:00Z
2
value 0.0039
scoring_system epss
scoring_elements 0.60386
published_at 2026-06-04T12:55:00Z
3
value 0.0039
scoring_system epss
scoring_elements 0.60437
published_at 2026-06-06T12:55:00Z
4
value 0.0039
scoring_system epss
scoring_elements 0.60434
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-9489
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9489
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9489
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tika
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika
5
reference_url https://github.com/apache/tika/commit/0f4d5de0f85455e91433fb0b464ea0461d7c891d
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/0f4d5de0f85455e91433fb0b464ea0461d7c891d
6
reference_url https://issues.apache.org/jira/browse/TIKA-3081
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/TIKA-3081
7
reference_url https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r4d943777e36ca3aa6305a45da5acccc54ad894f2d5a07186cfa2442c%40%3Cdev.tika.apache.org%3E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4d943777e36ca3aa6305a45da5acccc54ad894f2d5a07186cfa2442c%40%3Cdev.tika.apache.org%3E
9
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
10
reference_url https://www.oracle.com/security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2021.html
11
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1850042
reference_id 1850042
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1850042
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984666
reference_id 984666
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984666
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-9489
reference_id CVE-2020-9489
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-9489
15
reference_url https://github.com/advisories/GHSA-4pv3-63jw-4jw2
reference_id GHSA-4pv3-63jw-4jw2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4pv3-63jw-4jw2
16
reference_url https://access.redhat.com/errata/RHSA-2020:5568
reference_id RHSA-2020:5568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5568
fixed_packages
0
url pkg:maven/org.apache.tika/tika@1.24.1
purl pkg:maven/org.apache.tika/tika@1.24.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42ad-sh45-7fev
1
vulnerability VCID-8qc9-3mxe-8ydp
2
vulnerability VCID-en59-hstj-8kc1
3
vulnerability VCID-eu4h-uqdw-n7ez
4
vulnerability VCID-zj8z-ja31-mkcr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@1.24.1
aliases CVE-2020-9489, GHSA-4pv3-63jw-4jw2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yhgb-qh1t-3qhj
7
url VCID-zj8z-ja31-mkcr
vulnerability_id VCID-zj8z-ja31-mkcr
summary tika-core: incomplete fix for CVE-2022-30126
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30973.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30973.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30973
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.48408
published_at 2026-06-08T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48387
published_at 2026-06-04T12:55:00Z
2
value 0.0025
scoring_system epss
scoring_elements 0.48449
published_at 2026-06-05T12:55:00Z
3
value 0.0025
scoring_system epss
scoring_elements 0.48455
published_at 2026-06-06T12:55:00Z
4
value 0.0025
scoring_system epss
scoring_elements 0.48436
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30973
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/advisories/GHSA-rpjm-422r-95mh
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rpjm-422r-95mh
4
reference_url https://github.com/apache/tika
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika
5
reference_url https://github.com/apache/tika/commit/a36711610fa1f6f5ba0f594803415af795e0b265
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/a36711610fa1f6f5ba0f594803415af795e0b265
6
reference_url https://github.com/apache/tika/commit/e76302196ebcafb7b51fce37fbe8256e6c0fbc51
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/e76302196ebcafb7b51fce37fbe8256e6c0fbc51
7
reference_url https://lists.apache.org/thread/gqvb5t4p7tmdpl0y5bdbf72pgxj04h7p
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/gqvb5t4p7tmdpl0y5bdbf72pgxj04h7p
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30973
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30973
9
reference_url https://security.netapp.com/advisory/ntap-20220722-0004
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220722-0004
10
reference_url https://security.netapp.com/advisory/ntap-20220722-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220722-0004/
11
reference_url http://www.openwall.com/lists/oss-security/2022/05/31/2
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/31/2
12
reference_url http://www.openwall.com/lists/oss-security/2022/06/27/5
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/06/27/5
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2099553
reference_id 2099553
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2099553
14
reference_url https://access.redhat.com/errata/RHSA-2022:7257
reference_id RHSA-2022:7257
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7257
15
reference_url https://usn.ubuntu.com/7529-1/
reference_id USN-7529-1
reference_type
scores
url https://usn.ubuntu.com/7529-1/
fixed_packages
0
url pkg:maven/org.apache.tika/tika@1.28.3
purl pkg:maven/org.apache.tika/tika@1.28.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8qc9-3mxe-8ydp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@1.28.3
aliases CVE-2022-30973, GHSA-qw3f-w4pf-jh5f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zj8z-ja31-mkcr
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika@1.18