Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.tika/tika-core@1.28.1
Typemaven
Namespaceorg.apache.tika
Nametika-core
Version1.28.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.2.2
Latest_non_vulnerable_version3.2.2
Affected_by_vulnerabilities
0
url VCID-m578-av81-kbhr
vulnerability_id VCID-m578-av81-kbhr
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30126.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30126.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30126
reference_id
reference_type
scores
0
value 0.00536
scoring_system epss
scoring_elements 0.67907
published_at 2026-06-11T12:55:00Z
1
value 0.01313
scoring_system epss
scoring_elements 0.80304
published_at 2026-06-12T12:55:00Z
2
value 0.01313
scoring_system epss
scoring_elements 0.80312
published_at 2026-06-14T12:55:00Z
3
value 0.01313
scoring_system epss
scoring_elements 0.8032
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30126
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30126
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30126
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/tika
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika
5
reference_url https://github.com/apache/tika/commit/83b0de4d60161ebd4bc224141a959ac8c18d95f4
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/83b0de4d60161ebd4bc224141a959ac8c18d95f4
6
reference_url https://github.com/apache/tika/commit/a36711610fa1f6f5ba0f594803415af795e0b265
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/a36711610fa1f6f5ba0f594803415af795e0b265
7
reference_url https://github.com/apache/tika/commit/e76302196ebcafb7b51fce37fbe8256e6c0fbc51
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/e76302196ebcafb7b51fce37fbe8256e6c0fbc51
8
reference_url https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30126
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30126
10
reference_url https://security.netapp.com/advisory/ntap-20220624-0004
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220624-0004
11
reference_url http://www.openwall.com/lists/oss-security/2022/05/16/3
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/16/3
12
reference_url http://www.openwall.com/lists/oss-security/2022/05/31/2
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/31/2
13
reference_url http://www.openwall.com/lists/oss-security/2022/06/27/5
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/06/27/5
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002
reference_id 1015002
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2088523
reference_id 2088523
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2088523
16
reference_url https://github.com/advisories/GHSA-qw3f-w4pf-jh5f
reference_id GHSA-qw3f-w4pf-jh5f
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-qw3f-w4pf-jh5f
17
reference_url https://github.com/advisories/GHSA-rpjm-422r-95mh
reference_id GHSA-rpjm-422r-95mh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rpjm-422r-95mh
18
reference_url https://access.redhat.com/errata/RHSA-2022:5532
reference_id RHSA-2022:5532
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5532
19
reference_url https://usn.ubuntu.com/7529-1/
reference_id USN-7529-1
reference_type
scores
url https://usn.ubuntu.com/7529-1/
fixed_packages
0
url pkg:maven/org.apache.tika/tika-core@1.28.2
purl pkg:maven/org.apache.tika/tika-core@1.28.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p5rg-wubx-fyh9
1
vulnerability VCID-qdvh-q7rh-tfad
2
vulnerability VCID-t9mf-yf9h-xqdz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.28.2
1
url pkg:maven/org.apache.tika/tika-core@2.4.0
purl pkg:maven/org.apache.tika/tika-core@2.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p5rg-wubx-fyh9
1
vulnerability VCID-t9mf-yf9h-xqdz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@2.4.0
aliases CVE-2022-30126, GHSA-rpjm-422r-95mh
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m578-av81-kbhr
1
url VCID-p5rg-wubx-fyh9
vulnerability_id VCID-p5rg-wubx-fyh9
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-33879
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.08017
published_at 2026-06-12T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.08009
published_at 2026-06-14T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07982
published_at 2026-06-11T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.08013
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-33879
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33879
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33879
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://lists.apache.org/thread/wfno8mf5nlcvbs78z93q9thgrm30wwfh
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/wfno8mf5nlcvbs78z93q9thgrm30wwfh
4
reference_url https://security.netapp.com/advisory/ntap-20220812-0004
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220812-0004
5
reference_url https://security.netapp.com/advisory/ntap-20220812-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220812-0004/
6
reference_url http://www.openwall.com/lists/oss-security/2022/06/27/5
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/06/27/5
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002
reference_id 1015002
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-33879
reference_id CVE-2022-33879
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-33879
9
reference_url https://github.com/advisories/GHSA-6q8v-2hvm-fx37
reference_id GHSA-6q8v-2hvm-fx37
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6q8v-2hvm-fx37
10
reference_url https://usn.ubuntu.com/7529-1/
reference_id USN-7529-1
reference_type
scores
url https://usn.ubuntu.com/7529-1/
fixed_packages
0
url pkg:maven/org.apache.tika/tika-core@1.28.4
purl pkg:maven/org.apache.tika/tika-core@1.28.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-t9mf-yf9h-xqdz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.28.4
1
url pkg:maven/org.apache.tika/tika-core@2.4.1
purl pkg:maven/org.apache.tika/tika-core@2.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-t9mf-yf9h-xqdz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@2.4.1
aliases CVE-2022-33879, GHSA-6q8v-2hvm-fx37
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p5rg-wubx-fyh9
2
url VCID-qdvh-q7rh-tfad
vulnerability_id VCID-qdvh-q7rh-tfad
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30973.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30973.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30973
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.48618
published_at 2026-06-12T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48623
published_at 2026-06-14T12:55:00Z
2
value 0.0025
scoring_system epss
scoring_elements 0.4848
published_at 2026-06-11T12:55:00Z
3
value 0.0025
scoring_system epss
scoring_elements 0.48637
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30973
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/apache/tika
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika
4
reference_url https://github.com/apache/tika/commit/a36711610fa1f6f5ba0f594803415af795e0b265
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/a36711610fa1f6f5ba0f594803415af795e0b265
5
reference_url https://github.com/apache/tika/commit/e76302196ebcafb7b51fce37fbe8256e6c0fbc51
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika/commit/e76302196ebcafb7b51fce37fbe8256e6c0fbc51
6
reference_url https://lists.apache.org/thread/gqvb5t4p7tmdpl0y5bdbf72pgxj04h7p
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/gqvb5t4p7tmdpl0y5bdbf72pgxj04h7p
7
reference_url https://security.netapp.com/advisory/ntap-20220722-0004
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220722-0004
8
reference_url https://security.netapp.com/advisory/ntap-20220722-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220722-0004/
9
reference_url http://www.openwall.com/lists/oss-security/2022/05/31/2
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/31/2
10
reference_url http://www.openwall.com/lists/oss-security/2022/06/27/5
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/06/27/5
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2099553
reference_id 2099553
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2099553
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30973
reference_id CVE-2022-30973
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30973
13
reference_url https://github.com/advisories/GHSA-qw3f-w4pf-jh5f
reference_id GHSA-qw3f-w4pf-jh5f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qw3f-w4pf-jh5f
14
reference_url https://github.com/advisories/GHSA-rpjm-422r-95mh
reference_id GHSA-rpjm-422r-95mh
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rpjm-422r-95mh
15
reference_url https://access.redhat.com/errata/RHSA-2022:7257
reference_id RHSA-2022:7257
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7257
16
reference_url https://usn.ubuntu.com/7529-1/
reference_id USN-7529-1
reference_type
scores
url https://usn.ubuntu.com/7529-1/
fixed_packages
0
url pkg:maven/org.apache.tika/tika-core@1.28.3
purl pkg:maven/org.apache.tika/tika-core@1.28.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p5rg-wubx-fyh9
1
vulnerability VCID-t9mf-yf9h-xqdz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.28.3
aliases CVE-2022-30973, GHSA-qw3f-w4pf-jh5f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdvh-q7rh-tfad
3
url VCID-t9mf-yf9h-xqdz
vulnerability_id VCID-t9mf-yf9h-xqdz
summary 
Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. 

This CVE covers the same vulnerability as in CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. 

First, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2 would still be vulnerable. 

Second, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the "org.apache.tika:tika-parsers" module.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66516.json
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66516.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66516
reference_id
reference_type
scores
0
value 0.02042
scoring_system epss
scoring_elements 0.8427
published_at 2026-06-14T12:55:00Z
1
value 0.02042
scoring_system epss
scoring_elements 0.84275
published_at 2026-06-13T12:55:00Z
2
value 0.02042
scoring_system epss
scoring_elements 0.84267
published_at 2026-06-12T12:55:00Z
3
value 0.02042
scoring_system epss
scoring_elements 0.84212
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66516
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66516
3
reference_url https://github.com/apache/tika
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tika
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121954
reference_id 1121954
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121954
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418870
reference_id 2418870
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2418870
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66516
reference_id CVE-2025-66516
reference_type
scores
0
value 10.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66516
7
reference_url https://cve.org/CVERecord?id=CVE-2025-54988
reference_id CVERecord?id=CVE-2025-54988
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-15T04:56:02Z/
url https://cve.org/CVERecord?id=CVE-2025-54988
8
reference_url https://github.com/advisories/GHSA-f58c-gq56-vjjf
reference_id GHSA-f58c-gq56-vjjf
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f58c-gq56-vjjf
9
reference_url https://access.redhat.com/errata/RHSA-2025:23143
reference_id RHSA-2025:23143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23143
10
reference_url https://access.redhat.com/errata/RHSA-2025:23225
reference_id RHSA-2025:23225
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23225
11
reference_url https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k
reference_id s5x3k93nhbkqzztp1olxotoyjpdlps9k
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 10.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-15T04:56:02Z/
url https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k
12
reference_url https://usn.ubuntu.com/8324-1/
reference_id USN-8324-1
reference_type
scores
url https://usn.ubuntu.com/8324-1/
fixed_packages
0
url pkg:maven/org.apache.tika/tika-core@3.2.2
purl pkg:maven/org.apache.tika/tika-core@3.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@3.2.2
aliases CVE-2025-66516, GHSA-f58c-gq56-vjjf
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t9mf-yf9h-xqdz
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-core@1.28.1