Lucene search
K

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/10/04 6:40 a.m.55 views

Security Bulletin: Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to multiple vulnerabilities in Apache Tika

Summary There are vulnerabilities in various versions of Apache Tika that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID: CVE-2019-10094 DESCRIPTION: Apache Tika is vulnerable to a stack-based buffer overflow, caused by a flaw in the...

7.8CVSS1.3AI score0.05934EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.39 views

Security Bulletin: Apache Tika as used by IBM QRadar SIEM is vulnerable to denial of service (CVE-2019-10088, CVE-2019-10093, CVE-2019-10094)

Summary Apache Tika as used by IBM QRadar SIEM is vulnerable to denial of service Vulnerability Details CVEID: CVE-2019-10093 DESCRIPTION: In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache...

8.8CVSS0.7AI score0.0484EPSS
Exploits0Affected Software1
NVD
NVD
added 2019/08/02 7:15 p.m.30 views

CVE-2019-10093

In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later...

6.5CVSS6.3AI score0.03699EPSS
Exploits0References8
CVE
CVE
added 2019/08/02 6:32 p.m.94 views

CVE-2019-10093

CVE-2019-10093 affects Apache Tika 1.19–1.21, where parsing carefully crafted 2003ml/2006ml files can exhaust SAXParsers in the pool and cause very long hangs. Impact described as denial of service with availability risk; recommended fix is upgrade to Tika 1.22 or newer. Connected sources also no...

6.5CVSS6.3AI score0.03699EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder