|
|
|
| Date
|
2026-07-17
|
| Severity
|
reported "high", BlueSpice assessment: not affected
|
| Affected
|
bluespice/search Docker image (all versions)
|
| Fixed in
|
Unknown
|
| CVE
|
|
Problem
| CVE
|
Component
|
Type of vulnerability
|
BlueSpice 5
|
| CVE-2025-14813
|
bluespice/search
|
Use of a Broken or Risky Cryptographic Algorithm
|
not affected
|
Impact assessment
| CVE
|
Assessment
|
Mitigation without update
|
| CVE-2025-14813
|
The code is only used by Tika when processing Encrypted PDFs and Office files, which we don't support. In addition the code affected in particular is probably not used and the described attack vector ("capture ciphertext") and impact ("perform cryptanalysis and uncover the underlying data") is not applicable in this use case.
|
No action required.
|
Solution
No immediate action required.