Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistApacheCVELIST:CVE-2018-1335
HistoryApr 25, 2018 - 12:00 a.m.

CVE-2018-1335

2018-04-2500:00:00
apache
www.cve.org
1

8 High

AI Score

Confidence

High

0.968 High

EPSS

Percentile

99.7%

JSON

From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18.

CNA Affected

[
  {
    "product": "Apache Tika",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "1.7 to 1.17"
      }
    ]
  }
]

Related

cve 1
exploitpack 1
debiancve 1
zdt 2
packetstorm 2
redhatcve 1
ubuntucve 1
osv 2
github 1
checkpoint_advisories 1
nuclei 1
nvd 1
rhino 1
metasploit 1
veracode 1
prion 1
attackerkb 1
exploitdb 2
openvas 1
f5 1
redhat 1
ibm 1
cve
cve
CVE-2018-1335
2018-04-25 21:29:00
exploitpack
exploitpack
Apache Tika-server 1.18 - Command Injection
2019-03-13 00:00:00
debiancve
debiancve
CVE-2018-1335
2018-04-25 21:29:00
zdt
zdt
Apache Tika-server < 1.18 - Command Injection Exploit
2019-03-13 00:00:00
Apache Tika 1.15 - 1.17 - Header Command Injection Exploit
2019-08-05 00:00:00
packetstorm
packetstorm
Apache Tika 1.17 Header Command Injection
2019-08-02 00:00:00
Apache Tika Server Command Injection
2019-03-13 00:00:00
redhatcve
redhatcve
CVE-2018-1335
2018-04-27 01:59:08
ubuntucve
ubuntucve
CVE-2018-1335
2018-04-25 00:00:00
osv
osv
CVE-2018-1335
2018-04-25 21:29:00
High severity vulnerability that affects org.apache.tika:tika-core
2018-10-17 15:43:43
github
github
Command injection in org.apache.tika:tika-core
2018-10-17 15:43:43
checkpoint_advisories
checkpoint_advisories
Apache Tika Command Injection (CVE-2018-1335)
2018-12-06 00:00:00
nuclei
nuclei
Apache Tika <1.1.8- Header Command Injection
2021-02-27 03:18:29
nvd
nvd
CVE-2018-1335
2018-04-25 21:29:00
rhino
rhino
Exploiting CVE-2018-1335:Command Injection in Apache Tika
2019-03-12 10:41:43
metasploit
metasploit
Apache Tika Header Command Injection
2019-03-29 02:05:05
veracode
veracode
Arbitrary Command Injection
2018-04-26 02:35:04
prion
prion
Design/Logic Flaw
2018-04-25 21:29:00
attackerkb
attackerkb
Apache Tika Header Command Injection CVE-2018-1335
2018-04-25 00:00:00
exploitdb
exploitdb
Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)
2019-08-05 00:00:00
Apache Tika-server &lt; 1.18 - Command Injection
2019-03-13 00:00:00
openvas
openvas
Apache Tika Server 1.17 Multiple Vulnerabilities
2018-04-26 00:00:00
f5
f5
K11522001 : Apache vulnerabilities CVE-2018-1313, CVE-2018-1338, CVE-2018-1339, CVE-2018-1335, and CVE-2018-8003
2018-07-17 00:00:00
redhat
redhat
(RHSA-2019:3140) Important: Red Hat JBoss Data Virtualization 6.4.8 security update
2019-10-17 14:53:06
ibm
ibm
Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities
2022-01-11 21:02:17

8 High

AI Score

Confidence

High

0.968 High

EPSS

Percentile

99.7%

JSON
Related for CVELIST:CVE-2018-1335
cve1exploitpack1debiancve1zdt2packetstorm2redhatcve1ubuntucve1osv2github1checkpoint_advisories1nuclei1nvd1rhino1metasploit1veracode1prion1attackerkb1exploitdb2openvas1f51redhat1ibm1