Lucene search
GitHub Advisory DatabaseGHSA-P699-3WGC-7H72HistoryOct 17, 2018 - 3:43 p.m.
org.apache.tika:tika-parsers has an Infinite Loop vulnerability
2018-10-1715:43:59
CWE-835
GitHub Advisory Database
github.com
10
0.001 Low
EPSS
Percentile
18.4%
Versions of the package org.apache.tika:tika-parsers before version 1.18 are vulnerable to Denial of Service (DoS) via a carefully crafted (or fuzzed) file that can trigger an infinite loop via the ChmParser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.apache.tika:tika-parsers | lt | 1.18 |
References
access.redhat.com/errata/RHSA-2018:2669
github.com/advisories/GHSA-p699-3wgc-7h72
github.com/apache/tika/commit/1b6ca3685c196cfd89f5f95c19cc919ce10c5aff#diff-43f8cbe58aaab159ce88bd95fafc46dd
lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828@%3Cdev.tika.apache.org%3E
nvd.nist.gov/vuln/detail/CVE-2018-1339
Related
checkpoint_advisories
checkpoint_advisories
Apache Tika Chmparser Denial Of Service (CVE-2018-1339)
2018-05-27 00:00:00
cve
cve
CVE-2018-1339
2018-04-25 21:29:00
osv
osv
org.apache.tika:tika-parsers has an Infinite Loop vulnerability
2018-10-17 15:43:59
CVE-2018-1339
2018-04-25 21:29:00
debiancve
debiancve
CVE-2018-1339
2018-04-25 21:29:00
prion
prion
Code injection
2018-04-25 21:29:00
redhatcve
redhatcve
CVE-2018-1339
2018-04-27 01:58:46
veracode
veracode
Denial Of Service (DoS)
2018-04-26 04:20:11
ubuntucve
ubuntucve
CVE-2018-1339
2018-04-25 00:00:00
cvelist
cvelist
CVE-2018-1339
2018-04-25 00:00:00
ibm
ibm
openvas
openvas
Apache Tika Server 1.17 Multiple Vulnerabilities
2018-04-26 00:00:00
f5
f5
redhat
redhat
(RHSA-2018:2669) Important: Fuse 7.1 security update
2018-09-11 07:52:48