-
Notifications
You must be signed in to change notification settings - Fork 63
/
Copy pathapache-tika-3.0.advisories.yaml
53 lines (50 loc) · 1.53 KB
/
apache-tika-3.0.advisories.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
schema-version: 2.0.2
package:
name: apache-tika-3.0
advisories:
- id: CGA-hgr8-8g24-xqf7
aliases:
- CVE-2024-6763
- GHSA-qh8g-58pp-2wxh
events:
- timestamp: 2024-12-26T22:00:51Z
type: detection
data:
type: scan/v1
data:
subpackageName: apache-tika-3.0
componentID: 3083bedd54b4ec69
componentName: jetty-http
componentVersion: 11.0.24
componentType: java-archive
componentLocation: /usr/share/java/tika-server-standard-3.0.0.jar
scanner: grype
- timestamp: 2025-01-13T20:51:48Z
type: pending-upstream-fix
data:
note: 'Attempting to patch this CVE leads to build failures, and will require an update from upstream maintainers to remediate. '
- timestamp: 2025-01-24T17:02:44Z
type: fixed
data:
fixed-version: 3.0.0-r9
- id: CGA-pqmq-rmg6-cmrc
aliases:
- CVE-2025-23184
- GHSA-fh5r-crhr-qrrq
events:
- timestamp: 2025-01-22T07:26:13Z
type: detection
data:
type: scan/v1
data:
subpackageName: apache-tika-3.0
componentID: 080f9571dcc5d597
componentName: cxf-core
componentVersion: 4.0.5
componentType: java-archive
componentLocation: /usr/share/java/tika-server-standard-3.0.0.jar
scanner: grype
- timestamp: 2025-01-24T17:02:43Z
type: fixed
data:
fixed-version: 3.0.0-r9