Hi,
Please take the time to read a CVE text before asking questions:
https://nvd.nist.gov/vuln/detail/CVE-2025-66516
It is the same vulnerability, the new CVE just clarifies that the actual
vulnerability is in tika-core, and that the vulnerability also applies
to the 1.x versions. It has already been fixed.
Tilman
Am 09.12.2025 um 07:38 schrieb Saravanan Balakrishnan:
Hi Tika team,
Can you please provide the possible fix date for the below CVE in Tika
3.2.x and 2.9.5 snapshot build. If it is already fixed let me know the
details on the same.
CVE-2025-66516
CVE-2025-54988
Thanks & Regards,
Saravanan B
