Lucene search
K

7 matches found

CVE
CVE
added 2018/04/25 9:0 p.m.308 views

CVE-2018-1335

CVE-2018-1335 affects Apache Tika with tika-server versions 1.7–1.17, where carefully crafted HTTP headers can trigger command injection on the server if exposed to untrusted clients. The underlying issue is an input handling flaw that allows commands to be passed to the server’s command line. Th...

9.3CVSS7.8AI score0.93972EPSS
In wildWeb
CVE
CVE
added 2022/05/16 5:5 p.m.204 views

CVE-2022-25169

CVE-2022-25169 concerns Apache Tika’s BPG parser, where crafted inputs may cause excessive memory allocation, potentially leading to a denial of service. Public details consistently identify the vulnerable component as the BPG parser within Tika and specify affected versions as before 1.28.2 and ...

5.5CVSS5.7AI score0.02027EPSS
CVE
CVE
added 2022/05/16 5:5 p.m.186 views

CVE-2022-30126

Apache Tika CVE-2022-30126 is a ReDoS via a regex in StandardsText used by the StandardsExtractingContentHandler. The issue can cause denial of service on crafted files and only affects users running the StandardsExtractingContentHandler (a non-standard handler). A fix is available in Tika versio...

5.5CVSS4.5AI score0.02495EPSS
CVE
CVE
added 2022/05/31 1:20 p.m.163 views

CVE-2022-30973

Apache Tika's ReDoS vulnerability (CVE-2022-30973) arises from a regex in StandardsText used by StandardsExtractingContentHandler. Affected: 1.x branch, specifically the 1.28.2 release; impact is denial of service via backtracking on crafted files. The issue is limited to users running the Standa...

5.5CVSS4.6AI score0.02495EPSS
CVE
CVE
added 2022/06/27 9:40 p.m.113 views

CVE-2022-33879

CVE-2022-33879 is related to Apache Tika's regex handling in the StandardsExtractingContentHandler. The connected Nessus entries confirm a separate, new regular-expression DoS (ReDoS) vulnerability in a different regex within the same component. The initial fixes for CVE-2022-30126 and CVE-2022-3...

3.3CVSS4.9AI score0.01892EPSS
CVE
CVE
added 2018/04/25 9:0 p.m.103 views

CVE-2018-1339

CVE-2018-1339 affects Apache Tika's ChmParser; a carefully crafted file can trigger an infinite loop in versions prior to 1.18, causing DoS. Remediation: upgrade to Tika 1.18 or later (as indicated by multiple advisories).

5.5CVSS5.5AI score0.02648EPSS
CVE
CVE
added 2018/04/25 9:0 p.m.98 views

CVE-2018-1338

CVE-2018-1338 : Apache Tika is vulnerable to a denial of service via a carefully crafted (or fuzzed) file that can trigger an infinite loop in the BPGParser in Tika versions before 1.18. The provided documents confirm the affected component (BPGParser in Apache Tika), the vulnerability type (infi...

5.5CVSS5.5AI score0.01984EPSS