The docker deployments should be safe; the containers have no access to internet nor do they have the environment variables...

The same cannot be said of helm deployments.

The fix is in Tika 3.2.2 (apache/tika@bfee6d5); it won't be upgraded to automatically as it requires a change in docker-compose.yml (running setup).