cvelistv5 - cve-2025-66516

CVE-2025-66516 (GCVE-0-2025-66516)

Vulnerability from cvelistv5

Published

2025-12-04 16:17

Modified

2025-12-30 16:12

Severity ?

8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-611 - Improper Restriction of XML External Entity Reference

Summary

Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. This CVE covers the same vulnerability as in CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. First, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2 would still be vulnerable. Second, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the "org.apache.tika:tika-parsers" module.

References

URL

Tags

	security@apache.org	https://cve.org/CVERecord?id=CVE-2025-54988	Third Party Advisory
	security@apache.org	https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k	Vendor Advisory

Impacted products

Vendor

Product

Version

Apache Software Foundation

Apache Tika core

Version: 1.13 ≤ 3.2.1

	Apache Software Foundation	Apache Tika parsers	Version: 1.13 ≤
	Apache Software Foundation	Apache Tika PDF parser module	Version: 2.0.0 ≤ 3.2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-66516",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-05T18:26:33.915381Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-05T18:26:45.375Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.tika:tika-core",
          "product": "Apache Tika core",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.2.1",
              "status": "affected",
              "version": "1.13",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.tika:tika-parsers",
          "product": "Apache Tika parsers",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "2.0.0",
              "status": "affected",
              "version": "1.13",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.tika:tika-parser-pdf-module",
          "product": "Apache Tika PDF parser module",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.2.1",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \u003cbr\u003e\u003cbr\u003eThis CVE covers the same vulnerability as in\u0026nbsp;CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \u003cbr\u003e\u003cbr\u003eFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u0026gt;= 3.2.2 would still be vulnerable. \u003cbr\u003e\u003cbr\u003eSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \"org.apache.tika:tika-parsers\" module."
            }
          ],
          "value": "Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \n\nThis CVE covers the same vulnerability as in\u00a0CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \n\nFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u003e= 3.2.2 would still be vulnerable. \n\nSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \"org.apache.tika:tika-parsers\" module."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "critical"
            },
            "type": "Textual description of severity"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T16:12:37.859Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://cve.org/CVERecord?id=CVE-2025-54988"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-66516",
    "datePublished": "2025-12-04T16:17:24.980Z",
    "dateReserved": "2025-12-03T23:11:17.441Z",
    "dateUpdated": "2025-12-30T16:12:37.859Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-66516\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2025-12-04T17:15:57.120\",\"lastModified\":\"2025-12-30T16:15:46.230\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \\n\\nThis CVE covers the same vulnerability as in\u00a0CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \\n\\nFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u003e= 3.2.2 would still be vulnerable. \\n\\nSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \\\"org.apache.tika:tika-parsers\\\" module.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.13\",\"versionEndExcluding\":\"3.2.2\",\"matchCriteriaId\":\"06E31452-81F9-4B50-A6E1-EE8FE3E148BD\"}]}]}],\"references\":[{\"url\":\"https://cve.org/CVERecord?id=CVE-2025-54988\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k\",\"source\":\"security@apache.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-66516\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-05T18:26:33.915381Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-05T18:26:41.700Z\"}}], \"cna\": {\"title\": \"Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"critical\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tika core\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.13\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.2.1\"}], \"packageName\": \"org.apache.tika:tika-core\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tika parsers\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.13\", \"lessThan\": \"2.0.0\", \"versionType\": \"semver\"}], \"packageName\": \"org.apache.tika:tika-parsers\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tika PDF parser module\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.2.1\"}], \"packageName\": \"org.apache.tika:tika-parser-pdf-module\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://cve.org/CVERecord?id=CVE-2025-54988\", \"tags\": [\"related\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \\n\\nThis CVE covers the same vulnerability as in\\u00a0CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \\n\\nFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u003e= 3.2.2 would still be vulnerable. \\n\\nSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \\\"org.apache.tika:tika-parsers\\\" module.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \u003cbr\u003e\u003cbr\u003eThis CVE covers the same vulnerability as in\u0026nbsp;CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \u003cbr\u003e\u003cbr\u003eFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u0026gt;= 3.2.2 would still be vulnerable. \u003cbr\u003e\u003cbr\u003eSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \\\"org.apache.tika:tika-parsers\\\" module.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-611\", \"description\": \"CWE-611 Improper Restriction of XML External Entity Reference\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2025-12-30T16:12:37.859Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-66516\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-30T16:12:37.859Z\", \"dateReserved\": \"2025-12-03T23:11:17.441Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2025-12-04T16:17:24.980Z\", \"assignerShortName\": \"apache\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

wid-sec-w-2025-1883

Vulnerability from csaf_certbund

Published

2025-08-20 22:00

Modified

2025-12-04 23:00

Summary

Apache Tika: Schwachstelle ermöglicht Infogewinn oder Manipulation

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Das Apache Tika-Toolkit erkennt und extrahiert Metadaten und Text aus vielen verschiedenen Dateitypen.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Tika ausnutzen, um sensible Daten auszulesen oder bösartige Anfragen an interne Ressourcen oder Server von Drittanbietern auszulösen.

Betroffene Betriebssysteme

- Linux - Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das Apache Tika-Toolkit erkennt und extrahiert Metadaten und Text aus vielen verschiedenen Dateitypen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Tika ausnutzen, um sensible Daten auszulesen oder b\u00f6sartige Anfragen an interne Ressourcen oder Server von Drittanbietern auszul\u00f6sen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1883 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1883.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1883 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1883"
      },
      {
        "category": "external",
        "summary": "Apache Tika Mailing List vom 2025-08-20",
        "url": "https://lists.apache.org/thread/8xn3rqy6kz5b3l1t83kcofkw0w4mmj1w"
      },
      {
        "category": "external",
        "summary": "Apache Tika Security vom 2025-08-20",
        "url": "https://tika.apache.org/security.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Bugtracker #2389910 vom 2025-08-20",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389910"
      },
      {
        "category": "external",
        "summary": "Elastic Security Announcement ESA-2025-15 vom 2025-08-28",
        "url": "https://discuss.elastic.co/t/enterprise-search-8-18-6-8-19-3-security-update-esa-2025-15-cve-2025-54988/381428"
      },
      {
        "category": "external",
        "summary": "Elastic Security Announcement ESA-2025-14 vom 2025-08-28",
        "url": "https://discuss.elastic.co/t/elasticsearch-8-18-6-8-19-3-9-0-6-and-9-1-3-security-update-esa-2025-14-cve-2025-54988/381427"
      },
      {
        "category": "external",
        "summary": "HCL Security Bulletin vom 2025-09-19",
        "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0124164"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4350 vom 2025-10-26",
        "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00030.html"
      },
      {
        "category": "external",
        "summary": "GitHub Advisory Database vom 2025-12-04",
        "url": "https://github.com/advisories/GHSA-f58c-gq56-vjjf"
      }
    ],
    "source_lang": "en-US",
    "title": "Apache Tika: Schwachstelle erm\u00f6glicht Infogewinn oder Manipulation",
    "tracking": {
      "current_release_date": "2025-12-04T23:00:00.000+00:00",
      "generator": {
        "date": "2025-12-05T06:52:13.688+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-1883",
      "initial_release_date": "2025-08-20T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-08-20T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-08-21T22:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2025-25435"
        },
        {
          "date": "2025-08-28T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Elastic aufgenommen"
        },
        {
          "date": "2025-09-21T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von HCL aufgenommen"
        },
        {
          "date": "2025-10-26T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-12-04T23:00:00.000+00:00",
          "number": "6",
          "summary": "CVE und Produkte erg\u00e4nzt,"
        }
      ],
      "status": "final",
      "version": "6"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c3.2.2",
                "product": {
                  "name": "Apache Tika \u003c3.2.2",
                  "product_id": "T046404"
                }
              },
              {
                "category": "product_version",
                "name": "3.2.2",
                "product": {
                  "name": "Apache Tika 3.2.2",
                  "product_id": "T046404-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tika:3.2.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "tika-parser-pdf-module \u003c3.2.2",
                "product": {
                  "name": "Apache Tika tika-parser-pdf-module \u003c3.2.2",
                  "product_id": "T049108"
                }
              },
              {
                "category": "product_version",
                "name": "tika-parser-pdf-module 3.2.2",
                "product": {
                  "name": "Apache Tika tika-parser-pdf-module 3.2.2",
                  "product_id": "T049108-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tika:tika-parser-pdf-module__3.2.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "tika-parsers \u003c2.0.0",
                "product": {
                  "name": "Apache Tika tika-parsers \u003c2.0.0",
                  "product_id": "T049109"
                }
              },
              {
                "category": "product_version",
                "name": "tika-parsers  2.0.0",
                "product": {
                  "name": "Apache Tika tika-parsers  2.0.0",
                  "product_id": "T049109-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tika:tika-parsers___2.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Tika"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "14",
                "product": {
                  "name": "HCL Domino 14",
                  "product_id": "T033028",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:domino:14"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12",
                "product": {
                  "name": "HCL Domino 12",
                  "product_id": "T038610",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:domino:12"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.5",
                "product": {
                  "name": "HCL Domino 14.5",
                  "product_id": "T045951",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:domino:14.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Domino"
          }
        ],
        "category": "vendor",
        "name": "HCL"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c8.18.6",
                "product": {
                  "name": "Open Source Elasticsearch \u003c8.18.6",
                  "product_id": "T046588"
                }
              },
              {
                "category": "product_version",
                "name": "8.18.6",
                "product": {
                  "name": "Open Source Elasticsearch 8.18.6",
                  "product_id": "T046588-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:elasticsearch:elasticsearch:8.18.6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.19.3",
                "product": {
                  "name": "Open Source Elasticsearch \u003c8.19.3",
                  "product_id": "T046589"
                }
              },
              {
                "category": "product_version",
                "name": "8.19.3",
                "product": {
                  "name": "Open Source Elasticsearch 8.19.3",
                  "product_id": "T046589-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:elasticsearch:elasticsearch:8.19.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.0.6",
                "product": {
                  "name": "Open Source Elasticsearch \u003c9.0.6",
                  "product_id": "T046596"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.6",
                "product": {
                  "name": "Open Source Elasticsearch 9.0.6",
                  "product_id": "T046596-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:elasticsearch:elasticsearch:9.0.6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.1.3",
                "product": {
                  "name": "Open Source Elasticsearch \u003c9.1.3",
                  "product_id": "T046597"
                }
              },
              {
                "category": "product_version",
                "name": "9.1.3",
                "product": {
                  "name": "Open Source Elasticsearch 9.1.3",
                  "product_id": "T046597-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:elasticsearch:elasticsearch:9.1.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Elasticsearch"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-54988",
      "product_status": {
        "known_affected": [
          "T033028",
          "T046404",
          "T045951",
          "T046589",
          "T049109",
          "T049108",
          "2951",
          "T038610",
          "T046588",
          "T046596",
          "T046597"
        ]
      },
      "release_date": "2025-08-20T22:00:00.000+00:00",
      "title": "CVE-2025-54988"
    },
    {
      "cve": "CVE-2025-66516",
      "product_status": {
        "known_affected": [
          "T033028",
          "T046404",
          "T045951",
          "T046589",
          "T049109",
          "T049108",
          "2951",
          "T038610",
          "T046588",
          "T046596",
          "T046597"
        ]
      },
      "release_date": "2025-08-20T22:00:00.000+00:00",
      "title": "CVE-2025-66516"
    }
  ]
}

CERTFR-2025-AVI-1100

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Atlassian. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Atlassian	Jira	Jira Software Data Center et Server versions 9.12.x antérieures à 9.12.30
Atlassian	Jira	Jira Software Data Center et Server versions 10.3.x antérieures à 10.3.15
Atlassian	Confluence	Confluence Data Center et Server versions 9.5.x antérieures à 9.5.2
Atlassian	Jira	Jira Service Management Data Center et Server versions 11.x antérieures à 11.2.1
Atlassian	Confluence	Confluence Data Center et Server versions 10.0.x antérieures à 10.0.2
Atlassian	Confluence	Confluence Data Center et Server versions 8.5.x antérieures à 8.5.30
Atlassian	Confluence	Confluence Data Center et Server versions 10.1.x antérieures à 10.1.0
Atlassian	Confluence	Confluence Data Center et Server versions 9.2.x antérieures à 9.2.12
Atlassian	Confluence	Confluence Data Center et Server versions 9.3.x antérieures à 9.3.1
Atlassian	Confluence	Confluence Data Center et Server versions 9.4.x antérieures à 9.4.0
Atlassian	Jira	Jira Service Management Data Center et Server versions 10.3.x antérieures à 10.3.15
Atlassian	Jira	Jira Software Data Center et Server versions 11.x antérieures à 11.2.1
Atlassian	Confluence	Confluence Data Center et Server versions 10.2.x antérieures à 10.2.1

References

Title

Publication Time

Tags

Bulletin de sécurité Atlassian JSDSERVER-16469	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26599	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian CONFSERVER-101574	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26636	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26600	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16461	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16478	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26614	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16458	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26630	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26627	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26634	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16466	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian CONFSERVER-101788	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian CONFSERVER-101478	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian CONFSERVER-101573	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16477	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26635	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16470	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26629	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16479	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26625	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26626	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian CONFSERVER-101575	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16462	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian CONFSERVER-101489	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26619	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16456	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26615	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26628	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSDSERVER-16480	2025-12-11	vendor-advisory
Bulletin de sécurité Atlassian JSWSERVER-26620	2025-12-11	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Jira Software Data Center et Server versions 9.12.x ant\u00e9rieures \u00e0 9.12.30",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Software Data Center et Server versions 10.3.x ant\u00e9rieures \u00e0 10.3.15",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 9.5.x ant\u00e9rieures \u00e0 9.5.2",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Service Management Data Center et Server versions 11.x ant\u00e9rieures \u00e0 11.2.1",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 10.0.x ant\u00e9rieures \u00e0 10.0.2",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 8.5.x ant\u00e9rieures \u00e0 8.5.30",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 10.1.x ant\u00e9rieures \u00e0 10.1.0",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 9.2.x ant\u00e9rieures \u00e0 9.2.12",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 9.3.x ant\u00e9rieures \u00e0 9.3.1",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 9.4.x ant\u00e9rieures \u00e0 9.4.0",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Service Management Data Center et Server versions 10.3.x ant\u00e9rieures \u00e0 10.3.15",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Jira Software Data Center et Server versions 11.x ant\u00e9rieures \u00e0 11.2.1",
      "product": {
        "name": "Jira",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    },
    {
      "description": "Confluence Data Center et Server versions 10.2.x ant\u00e9rieures \u00e0 10.2.1",
      "product": {
        "name": "Confluence",
        "vendor": {
          "name": "Atlassian",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2021-39227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39227"
    },
    {
      "name": "CVE-2022-37603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
    },
    {
      "name": "CVE-2025-66516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66516"
    },
    {
      "name": "CVE-2024-29415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29415"
    },
    {
      "name": "CVE-2025-41248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
    },
    {
      "name": "CVE-2025-27152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
    },
    {
      "name": "CVE-2024-21634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
    },
    {
      "name": "CVE-2022-37601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
    },
    {
      "name": "CVE-2025-48976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
    },
    {
      "name": "CVE-2022-45693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
    },
    {
      "name": "CVE-2016-1181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1181"
    },
    {
      "name": "CVE-2025-54988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
    },
    {
      "name": "CVE-2025-55163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
    },
    {
      "name": "CVE-2023-49735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49735"
    },
    {
      "name": "CVE-2022-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
    },
    {
      "name": "CVE-2024-12905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12905"
    },
    {
      "name": "CVE-2020-8203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
    },
    {
      "name": "CVE-2022-37599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
    },
    {
      "name": "CVE-2025-58754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
    },
    {
      "name": "CVE-2016-1182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1182"
    }
  ],
  "initial_release_date": "2025-12-12T00:00:00",
  "last_revision_date": "2025-12-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1100",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Atlassian. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Atlassian",
  "vendor_advisories": [
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16469",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16469"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26599",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26599"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101574",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-101574"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26636",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26636"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26600",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26600"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16461",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16461"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16478",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16478"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26614",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26614"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16458",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16458"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26630",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26630"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26627",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26627"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26634",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26634"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16466",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16466"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101788",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-101788"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101478",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-101478"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101573",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-101573"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16477",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16477"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26635",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26635"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16470",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16470"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26629",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26629"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16479",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16479"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26625",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26625"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26626",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26626"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101575",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-101575"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16462",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16462"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian CONFSERVER-101489",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-101489"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26619",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26619"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16456",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16456"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26615",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26615"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26628",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26628"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSDSERVER-16480",
      "url": "https://jira.atlassian.com/browse/JSDSERVER-16480"
    },
    {
      "published_at": "2025-12-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Atlassian JSWSERVER-26620",
      "url": "https://jira.atlassian.com/browse/JSWSERVER-26620"
    }
  ]
}

ghsa-f58c-gq56-vjjf

Vulnerability from github

Published

2025-12-04 18:30

Modified

2025-12-05 02:26

Severity ?

10.0 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Summary

Apache Tika has XXE vulnerability

Details

This CVE covers the same vulnerability as in CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways.

First, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2 would still be vulnerable.

Second, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the "org.apache.tika:tika-parsers" module.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.2.1"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tika:tika-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.13"
            },
            {
              "fixed": "3.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tika:tika-parsers"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.13"
            },
            {
              "fixed": "2.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.2.1"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tika:tika-parser-pdf-module"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "3.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-66516"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-611"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-05T02:24:30Z",
    "nvd_published_at": "2025-12-04T17:15:57Z",
    "severity": "CRITICAL"
  },
  "details": "Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \n\nThis CVE covers the same vulnerability as in\u00a0CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \n\nFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u003e= 3.2.2 would still be vulnerable. \n\nSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \"org.apache.tika:tika-parsers\" module.",
  "id": "GHSA-f58c-gq56-vjjf",
  "modified": "2025-12-05T02:26:56Z",
  "published": "2025-12-04T18:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66516"
    },
    {
      "type": "WEB",
      "url": "https://cve.org/CVERecord?id=CVE-2025-54988"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/tika"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Apache Tika has XXE vulnerability"
}

fkie_cve-2025-66516

Vulnerability from fkie_nvd

Published

2025-12-04 17:15

Modified

2025-12-30 16:15

Severity ?

8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security@apache.org	https://cve.org/CVERecord?id=CVE-2025-54988	Third Party Advisory
	security@apache.org	https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k	Vendor Advisory

Impacted products

	Vendor	Product	Version
	apache	tika	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06E31452-81F9-4B50-A6E1-EE8FE3E148BD",
              "versionEndExcluding": "3.2.2",
              "versionStartIncluding": "1.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \n\nThis CVE covers the same vulnerability as in\u00a0CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \n\nFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u003e= 3.2.2 would still be vulnerable. \n\nSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \"org.apache.tika:tika-parsers\" module."
    }
  ],
  "id": "CVE-2025-66516",
  "lastModified": "2025-12-30T16:15:46.230",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 5.9,
        "source": "security@apache.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-12-04T17:15:57.120",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cve.org/CVERecord?id=CVE-2025-54988"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "security@apache.org",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-66516 (GCVE-0-2025-66516)

Vulnerability from cvelistv5

wid-sec-w-2025-1883

Vulnerability from csaf_certbund

CERTFR-2025-AVI-1100

Vulnerability from certfr_avis

Solutions

ghsa-f58c-gq56-vjjf

Vulnerability from github

fkie_cve-2025-66516

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature