Lucene search

High severity vulnerability that affects org.apache.tika:tika-core

🗓️ 17 Oct 2018 15:36:49Reported by GitHub Advisory DatabaseType

High severity vulnerability in Apache Tika XML parser

Reporter	Title	Published	Views	Family All 26
Prion	Design/Logic Flaw	19 Sep 201814:29	–	prion
Prion	Code injection	9 Oct 201822:29	–	prion
Debian CVE	CVE-2018-11761	19 Sep 201814:29	–	debiancve
Debian CVE	CVE-2018-11796	9 Oct 201822:29	–	debiancve
Cvelist	CVE-2018-11761	19 Sep 201814:00	–	cvelist
Cvelist	CVE-2018-11796	9 Oct 201822:00	–	cvelist
OSV	CVE-2018-11761	19 Sep 201814:29	–	osv
OSV	High severity vulnerability that affects org.apache.tika:tika-core	17 Oct 201815:49	–	osv
OSV	CVE-2018-11796	9 Oct 201822:29	–	osv
OSV	Apache Tika is vulnerable to entity expansions which can lead to a denial of service attack	17 Oct 201815:43	–	osv

Vulners

Node

org.apache.tika tika\-coreRange0.1–1.19.1

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-11761
github	www.github.com/advisories/GHSA-6jq2-789q-fff2
lists	www.lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E
lists	www.lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
oracle	www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
securityfocus	www.securityfocus.com/bid/105514

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Oct 2018 15:49Current

3.3Low risk

Vulners AI Score3.3

CVSS25

CVSS37.5

EPSS0.63057

CWE-611