angelborroy (Community Manager)

A critical XML External Entity (XXE) vulnerability, CVE-2025-66516, has been identified in Apache Tika. The root cause is improper handling of XML external entities in Tika's XML parsing logic. In practice, the vulnerability is exploitable via crafted PDF files containing XFA structures, which embed XML that Tika parses during document processing. When a vulnerable Tika version processes such untrusted content, the host doing the parsing can be made to disclose local files or to issue outbound network requests.

What is actually affected in Alfresco

The vulnerability does not affect the Alfresco Repository from version 7.0 onwards.

Although the Repository includes Apache Tika, its usage there is limited to charset detection and basic metadata handling. From Alfresco 7.0 forward, the Repository does not perform PDF parsing with Tika, nor does it process embedded XML (such as XFA) in a way that triggers the vulnerable code paths. As a result, modern Alfresco Repository versions are not exposed to CVE-2025-66516.

The vulnerable component in supported architectures is Alfresco Transform Core.

Alfresco Transform Core is responsible for document transformations and metadata extraction, including PDF parsing via Apache Tika. This is where untrusted document content is parsed and where the vulnerable XML parsing logic can be exercised.

Although the vulnerability has been demonstrated using crafted PDF files with embedded XFA XML, the underlying issue is not limited to PDF processing. CVE-2025-66516 is caused by unsafe XML external entity handling in Apache Tika's XML parsing logic. Any document format or parsing path that causes untrusted XML to be processed by a vulnerable Tika version could in principle be affected, even if PDF/XFA is the primary documented trigger.
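To make the mechanism concrete, here is an added example written for this post; it is not code from Alfresco or from Tika. It uses plain JAXP DOM parsing rather than Tika's XFA parser, and the secret file, the XFA-like payload and the element names are constructed for the demonstration. The permissive builder resolves the SYSTEM entity and pulls the file contents into the parsed document; the hardened builder rejects the DOCTYPE before any entity can be declared, which is the same kind of restriction (no external entity resolution) that the upstream fix applies. Replacing the file URI with an http:// URL would turn the same payload into the outbound-request variant.

```java
import java.io.StringReader;
import java.nio.file.Files;
import java.nio.file.Path;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;

/**
 * Added illustration of the XXE pattern behind CVE-2025-66516 using plain JAXP.
 * Not Tika's parser code; the secret file and the XFA-like XML are constructed here.
 */
public class XxeDemo {

    /** Constructed XFA-like document whose external entity points at a local file. */
    static String payload(Path secretFile) {
        return "<?xml version=\"1.0\"?>\n"
             + "<!DOCTYPE xdp [\n"
             + "  <!ENTITY leak SYSTEM \"" + secretFile.toUri() + "\">\n"
             + "]>\n"
             + "<xdp:xdp xmlns:xdp=\"http://ns.adobe.com/xdp/\">\n"
             + "  <field name=\"note\">&leak;</field>\n"
             + "</xdp:xdp>\n";
    }

    /** Default JAXP settings: DOCTYPE allowed and external entities resolved. */
    static DocumentBuilder permissiveBuilder() throws Exception {
        return DocumentBuilderFactory.newInstance().newDocumentBuilder();
    }

    /** Hardened settings: no DOCTYPE at all, no external entities, no external DTD/schema access. */
    static DocumentBuilder hardenedBuilder() throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        return f.newDocumentBuilder();
    }

    /** Parses the document and returns the text of the first <field> element. */
    static String parseField(DocumentBuilder b, String xml) throws Exception {
        Document doc = b.parse(new InputSource(new StringReader(xml)));
        return doc.getElementsByTagName("field").item(0).getTextContent();
    }

    public static void main(String[] args) throws Exception {
        Path secret = Files.createTempFile("secret", ".txt");
        Files.writeString(secret, "db-password=hunter2");   // constructed secret
        String xml = payload(secret);

        // Vulnerable path: the entity is expanded and the file contents land in the document text.
        System.out.println("permissive: " + parseField(permissiveBuilder(), xml));

        // Hardened path: the DOCTYPE itself is rejected, so no entity is ever declared or fetched.
        try {
            parseField(hardenedBuilder(), xml);
        } catch (SAXParseException e) {
            System.out.println("hardened: rejected (" + e.getMessage() + ")");
        }
        Files.delete(secret);
    }
}
```

Run with `java XxeDemo.java` (JDK 11 or later). The point to take from it is that the parser configuration, not the document format, decides whether the entity is fetched; that is why any Tika parsing path that feeds untrusted XML to a permissive parser is in scope, not only PDF/XFA.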

Impact on Alfresco Transform Core

All Alfresco Transform Core versions that embed Apache Tika up to and including version 3.2.1 are affected.

The vulnerability is fully addressed upstream in Apache Tika 3.2.3, which disables unsafe XML external entity resolution across affected parsing paths.

The latest and recommended safe version is Alfresco Transform Core 5.2.4, which includes Apache Tika 3.2.3 and fully mitigates CVE-2025-66516.

Compatibility and required action

Transform Core 5.2.4 is compatible with all currently supported Alfresco product lines:

  • Alfresco 7.x
  • Alfresco 23.x
  • Alfresco 25.x

This makes the mitigation straightforward and uniform across supported versions.

The only required action is to upgrade Alfresco Transform Core to version 5.2.4.

No Alfresco Repository upgrade is required for this vulnerability. No Repository-side Tika replacement or patching is needed.

This applies equally to Community and Enterprise deployments.

What administrators and developers should verify

  1. Check the deployed Transform Service stack and confirm the Alfresco Transform Core version. Where the T-engines run as separate images rather than the all-in-one image, check the Tika engine image in particular, since that is where Tika-based parsing runs.

  2. Ensure Transform Core is running version 5.2.4 or later.

  3. Review any custom or third-party transformers that may bundle their own Tika dependencies and ensure they do not include Tika 3.2.1 or earlier; move them to Tika 3.2.3 or later.

  4. No changes are required in the Alfresco Repository for supported versions with respect to this CVE.
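For step 3, the following is an added helper written for this post (not Alfresco or Tika tooling). It walks a directory tree, for example an unpacked T-engine image or the lib folder of a custom transformer build, identifies Apache Tika jars by file name or, failing that, by their manifest, and reports any whose version is below 3.2.3. The directory argument and the jar naming convention it relies on (`tika-<module>-<version>[-qualifier].jar`) are assumptions.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.List;
import java.util.jar.JarFile;
import java.util.jar.Manifest;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.Stream;

/**
 * Added helper for this advisory, not part of Alfresco or Tika: scans a directory tree
 * for Apache Tika jars and flags any older than the fixed release.
 */
public class TikaJarAudit {

    static final String FIXED_VERSION = "3.2.3";

    // Assumes the Maven naming convention tika-<module>-<version>[-qualifier].jar
    static final Pattern TIKA_JAR =
        Pattern.compile("^tika-[a-z0-9-]+?-(\\d+(?:\\.\\d+)+)(?:[-.][A-Za-z0-9.-]+)?\\.jar$");

    /** Compare dotted numeric versions component by component (missing parts count as 0). */
    static int compareVersions(String a, String b) {
        String[] pa = a.split("\\.+"), pb = b.split("\\.+");
        int n = Math.max(pa.length, pb.length);
        for (int i = 0; i < n; i++) {
            int x = i < pa.length ? Integer.parseInt(pa[i]) : 0;
            int y = i < pb.length ? Integer.parseInt(pb[i]) : 0;
            if (x != y) return Integer.compare(x, y);
        }
        return 0;
    }

    /** Version from the file name; for renamed or shaded jars, fall back to the manifest. */
    static String versionOf(Path jar) throws IOException {
        Matcher m = TIKA_JAR.matcher(jar.getFileName().toString());
        if (m.matches()) return m.group(1);
        try (JarFile jf = new JarFile(jar.toFile())) {
            Manifest mf = jf.getManifest();
            if (mf == null) return null;
            String v = mf.getMainAttributes().getValue("Implementation-Version");
            return v != null ? v : mf.getMainAttributes().getValue("Bundle-Version");
        }
    }

    /** One line per Tika jar that is below FIXED_VERSION or whose version cannot be determined. */
    static List<String> findVulnerableJars(Path root) throws IOException {
        List<Path> jars;
        try (Stream<Path> files = Files.walk(root)) {
            jars = files.filter(Files::isRegularFile)
                        .filter(p -> {
                            String n = p.getFileName().toString();
                            return n.startsWith("tika-") && n.endsWith(".jar");
                        })
                        .collect(Collectors.toList());
        }
        List<String> findings = new ArrayList<>();
        for (Path jar : jars) {
            String raw = versionOf(jar);
            // Keep only the leading numeric part (drops -SNAPSHOT and similar qualifiers).
            String numeric = raw == null ? "" : raw.replaceAll("[^0-9.].*$", "");
            if (numeric.isEmpty()) {
                findings.add(jar + " (version unknown, inspect manually)");
            } else if (compareVersions(numeric, FIXED_VERSION) < 0) {
                findings.add(jar + " -> Tika " + raw + " (below " + FIXED_VERSION + ")");
            }
        }
        return findings;
    }

    public static void main(String[] args) throws IOException {
        Path root = Path.of(args.length > 0 ? args[0] : ".");
        List<String> findings = findVulnerableJars(root);
        if (findings.isEmpty()) {
            System.out.println("No Tika jars older than " + FIXED_VERSION + " under " + root);
        } else {
            System.out.println("Tika jars exposed to CVE-2025-66516 under " + root + ":");
            findings.forEach(f -> System.out.println("  " + f));
        }
    }
}
```

Run it as `java TikaJarAudit.java /path/to/libs`. Jars that report "version unknown" are usually shaded or repackaged builds; open them by hand, because a shaded uber-jar can hide an old Tika copy under a name the scan does not recognise.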

Legacy Repository transformers and older Alfresco versions

The Alfresco Repository is not affected by CVE-2025-66516 from version 7.0 onwards.

Starting with Alfresco 7.0, all document parsing and transformation responsibilities were fully externalized to the Transform Service stack. The Repository no longer performs PDF parsing via Apache Tika and only uses Tika for limited tasks such as charset detection, which do not exercise the vulnerable XML parsing logic.

Earlier Alfresco versions require special attention.

Alfresco versions 6.x and earlier may still be affected if they use legacy in-process transformers, specifically:

  • LegacyTransformClient
  • TikaPoweredContentTransformer

In these architectures, the Repository itself performs document parsing using Apache Tika, including PDF handling. In such cases, the vulnerable XML parsing logic can be invoked directly inside the Repository JVM, making these deployments exposed to CVE-2025-66516 when untrusted content is ingested.

Required action for legacy versions

For Alfresco 6.x or earlier deployments, one of the following mitigations is required:

  • Migrate to the external Transform Service architecture and upgrade Transform Core to 5.2.4
  • Or explicitly upgrade or override the embedded Apache Tika dependencies to version 3.2.3 or later (note that Tika 2.x and 3.x split the former monolithic parser artifact into per-format modules and raised the minimum Java version, so this is a build and compatibility exercise rather than a drop-in version bump)
  • Or disable legacy Tika-based transformers that may process XML content (including PDF), where feasible

These steps are necessary because upgrading Transform Core alone does not protect systems where document parsing still occurs inside the Repository.

Conclusion

CVE-2025-66516 is a serious upstream vulnerability in Apache Tika, but in Alfresco its impact is clearly bounded by architecture.

The Alfresco Repository is not affected from version 7.0 onwards.

Upgrading Alfresco Transform Core to version 5.2.4 is sufficient to fully protect Alfresco 7.x, 23.x, and 25.x deployments against this vulnerability.

Alfresco 6.x and earlier versions using LegacyTransformClient or TikaPoweredContentTransformer remain exposed unless additional remediation is applied.

Thanks to @afaust for helping to diagnose and accurately scope the impact of this vulnerability.

Addendum: Fix available via alfresco-docker-installer

Update: The vulnerability described in this advisory (CVE-2025-66516, XXE exposure in Apache Tika) has now been fully addressed for Alfresco 7.x, 23.x and 25.x when deploying Alfresco using the latest release of alfresco-docker-installer.

The most recent version of alfresco-docker-installer ships with the corrected component versions and configuration required to mitigate the issue, removing the need for manual overrides or custom patching when running Alfresco in Docker-based environments.

Project repository and releases: https://github.com/alfresco/alfresco-docker-installer