Lucene search

CVE-2018-1339

🗓️ 25 Apr 2018 21:00:29Reported by apacheType

A crafted file triggers infinite loop in Apache Tika's ChmParse

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 16
Github Security Blog	org.apache.tika:tika-parsers has an Infinite Loop vulnerability	17 Oct 201815:43	–	github
Cvelist	CVE-2018-1339	25 Apr 201821:00	–	cvelist
Check Point Advisories	Apache Tika Chmparser Denial Of Service (CVE-2018-1339)	27 May 201800:00	–	checkpoint_advisories
RedhatCVE	CVE-2018-1339	27 Apr 201801:58	–	redhatcve
Veracode	Denial Of Service (DoS)	26 Apr 201804:20	–	veracode
OSV	CVE-2018-1339	25 Apr 201821:29	–	osv
OSV	GHSA-P699-3WGC-7H72 org.apache.tika:tika-parsers has an Infinite Loop vulnerability	17 Oct 201815:43	–	osv
UbuntuCve	CVE-2018-1339	25 Apr 201800:00	–	ubuntucve
Prion	Code injection	25 Apr 201821:29	–	prion
NVD	CVE-2018-1339	25 Apr 201821:29	–	nvd

Nvd

Vulners

Node

apache tikaRange<1.18

[
  {
    "product": "Apache Tika",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "< 1.18"
      }
    ]
  }
]

Source	Link
lists	www.lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828%40%3Cdev.tika.apache.org%3E
access	www.access.redhat.com/errata/RHSA-2018:2669

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Apr 2018 21:29Current

5.5Medium risk

Vulners AI Score5.5

CVSS24.3

CVSS35.5

EPSS0.03002

CWE-835