CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

OSV•added 2021/05/07 3:53 p.m.•38 views

GHSA-4PV3-63JW-4JW2 Missing Release of Memory after Effective Lifetime in Apache Tika

A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache Tika users should upgrade ...

5.5CVSS5.9AI score0.0039EPSS

Exploits0References9

IBM Security Bulletins•added 2020/06/19 5:12 a.m.•26 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Tika

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache Tika. Vulnerability Details CVEID: CVE-2020-9489 DESCRIPTION: Apache Tika is vulnerable to a denial of service, caused by an out of memory error and infinite loop flaw in the ICNSParser, MP3Parser,...

5.5CVSS1.8AI score0.00417EPSS

Exploits0Affected Software1