Package impact
Maven / org.apache.tika:tika-core
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2016-6809 | critical | 9.8 | 9.8 | 9y ago | Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization. | |
| CVE-2016-4434 | high | 7.8 | 7.8 | 9y ago | Apache Tika does not properly initialize the XML parser or choose handlers |