4 matches found
tika-core: incomplete fix for CVE-2022-30126
We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only...
UBUNTU-CVE-2022-30973
We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only...
ai.konduit.serving:konduit-serving-cli (=0.1.0), ai.konduit.serving:konduit-serving-distro-bom (=0.1.0) +1594 more potentially affected by CVE-2022-30126 via org.apache.tika:tika-core (>=1.17 <=1.28.1)
org.apache.tika:tika-core MAVEN version =1.17, =4.1.3, =3.1.1, =4.1.2, =4.1.2, =4.1.2, =4.1.2, =4.2.7, =4.1.2, =4.1.2, =4.1.2, =4.1.2, =4.1.2, =4.4.0-beta.7 and more Source cves: CVE-2022-30126 Source advisory: OSV:GHSA-RPJM-422R-95MH...
CVE-2022-30126
creationtimestamp| type| source ---|---|--- 2022-05-16 20:40:16+00:00| seen| https://t.me/cibsecurity/42763 2022-05-31 18:18:50+00:00| seen| https://t.me/cibsecurity/43564 2022-06-28 02:35:07+00:00| seen| https://t.me/cibsecurity/45253...