3 matches found
Security Bulletin: Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to multiple vulnerabilities in Apache Tika
Summary There are vulnerabilities in various versions of Apache Tika that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID: CVE-2019-10094 DESCRIPTION: Apache Tika is vulnerable to a stack-based buffer overflow, caused by a flaw in the...
Security Bulletin: Apache Tika as used by IBM QRadar SIEM is vulnerable to denial of service (CVE-2019-10088, CVE-2019-10093, CVE-2019-10094)
Summary Apache Tika as used by IBM QRadar SIEM is vulnerable to denial of service Vulnerability Details CVEID: CVE-2019-10093 DESCRIPTION: In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache...
CVE-2019-10094
Apache Tika CVE-2019-10094: A crafted archive that unpacks to itself (a quine) triggers a StackOverflowError in RecursiveParserWrapper for Tika versions 1.7–1.21. Upgrade to 1.22 or later to fix.