Hi,
Spring is used in one example (SpringExample.java, 4 lines of code and
an XML file that shows how to configure a parser bean). Are you using
this example as your production? If so, then update to a higher jdk so
you can use a higher spring version.
The CVE (which you can read here:
https://spring.io/security/cve-2025-41249 ) mentions the use of
|EnableMethodSecurity.|We're not using this.
Tilman
Am 29.09.2025 um 06:27 schrieb Saravanan Balakrishnan:
Hi All,
One quick clarification vulnerability CVE-2025-41249 which is related
to spring framework is impacts the Tika release, if so, can you please
confirm the list of versions that are impacted by that vulnerability.
Share more information on this and its impact in Tika along with the
plan to fix in Tika.
Expecting quick response as we have to plan our release artifact
accordingly.
Thanks in advance.
Regards,
Saravanan B
