InfoWorld

Apache Tika hit by critical vulnerability thought to be patched months ago

A security flaw in the widely-used Apache Tika XML document extraction utility, originally made public last summer, is wider in scope and more serious than first thought, the project’s maintainers ...
Dark Reading

Apache Issues Max-Severity Tika CVE After Patch Miss

The Apache Software Foundation (ASF) has issued a new CVE identifier for a critical security flaw in Apache Tika because its original vulnerability disclosure failed to capture the full extent of ...
heise online

Security Updates: Apache HTTP Server and Tika are vulnerable

Attackers can exploit several security vulnerabilities to attack computers running Apache HTTP Server or Tika. The descriptions of the vulnerabilities suggest that attackers could compromise systems ...