Hi,
The current version is 3.2.3 and that one uses 11.0.26.
Tilman
Am 26.11.2025 um 12:46 schrieb Saravanan Balakrishnan:
Thanks for the mail. Is there plan to fix for CVE-2024-6763
jetty-http-11.0.25.jar file used in the Tika 3.2.2,
https://nvd.nist.gov/vuln/detail/cve-2024-6763
Regards,
Saravanan B
----- Original message -----
From: "Tilman Hausherr" <[email protected]>
To: [email protected]
Subject: Re: Tika 3.2.2 CVE scan report
Date: Wed, Nov 26, 2025 5:05 PM
* [CAUTION: This email is from outside the organization. Unless
you trust the sender, don't click links or open attachments as
it may be a phishing email, which can steal your information
and compromise your computer.]
Hi,
That's not our job, that's yours. Especially considering that at
least one of this (spring) was answered several times on this
mailing list.
Tilman
Am 26.11.2025 um 12:31 schrieb Saravanan Balakrishnan:
Hi Tika team,
I have performed initial analysis on the scan report which is
attached with this mail as excel.
Need your input on the list of CVEs and its impact in Tika
3.2.2, so that we can plan our next build according as well as
I will inform to our customer regarding these known issue.
Thanks for your valuable time in advance.
Regards,
Saravanan B
