Lucene search
ApacheCVELIST:CVE-2018-11762HistorySep 19, 2018 - 2:00 p.m.
CVE-2018-11762
2018-09-1914:00:00
apache
www.cve.org
5
In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline (–extract-dir=) and the input file has an embedded file with an absolute path, such as “C:/evil.bat”, tika-app would overwrite that file.
CNA Affected
[
{
"product": "Apache Tika",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "0.9 to 1.18"
}
]
}
]Related
redhatcve
redhatcve
CVE-2018-11762
2018-09-24 21:20:25
osv
osv
CVE-2018-11762
2018-09-19 14:29:00
Moderate severity vulnerability that affects org.apache.tika:tika-core
2018-10-17 15:49:58
openvas
openvas
Apache Tika Server Zip Slip Arbitrary File Overwrite Vulnerability
2018-09-27 00:00:00
debiancve
debiancve
CVE-2018-11762
2018-09-19 14:29:00
ubuntucve
ubuntucve
CVE-2018-11762
2018-09-19 00:00:00
cve
cve
CVE-2018-11762
2018-09-19 14:29:00
prion
prion
Path traversal
2018-09-19 14:29:00
github
github
Moderate severity vulnerability that affects org.apache.tika:tika-core
2018-10-17 15:49:58
nvd
nvd
CVE-2018-11762
2018-09-19 14:29:00
veracode
veracode
Arbitrary File Overwrite
2018-09-20 03:32:23
