Lucene search
ApacheCVELIST:CVE-2022-30973HistoryMay 31, 2022 - 1:20 p.m.
CVE-2022-30973 Missing fix for CVE-2022-30126 in 1.28.2
2022-05-3113:20:10
apache
www.cve.org
4
cve-2022-30126
apache tika
denial of service
backtracking
standardsextractingcontenthandler
We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.3.
CNA Affected
[
{
"product": "Apache Tika",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.28.2",
"status": "affected",
"version": "Apache Tika",
"versionType": "custom"
}
]
}
]Related
osv
osv
CVE-2022-30973
2022-05-31 14:15:07
Regular expression denial of service in apache tika
2022-06-01 00:00:36
Apache Tika contains incomplete fix for regex DoS
2022-06-28 00:00:41
debiancve
debiancve
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2022-06-01 10:24:13
Regular Expression Denial Of Service (ReDoS)
2022-06-28 08:35:27
Denial Of Service (DoS)
2022-05-17 07:13:07
prion
prion
Design/Logic Flaw
2022-05-31 14:15:00
Design/Logic Flaw
2022-06-27 22:15:00
Code injection
2022-05-16 17:15:00
redhatcve
redhatcve
CVE-2022-30973
2022-06-21 09:01:21
CVE-2022-30126
2022-06-06 22:57:18
cve
cve
github
github
Regular expression denial of service in apache tika
2022-06-01 00:00:36
Apache Tika contains incomplete fix for regex DoS
2022-06-28 00:00:41
Regular expression denial of service in apache tika
2022-05-17 00:00:37
ubuntucve
ubuntucve
nvd
nvd
redhat
redhat
(RHSA-2022:7257) Low: Red Hat Integration Camel-K 1.8.1 security update
2022-10-27 18:11:20
(RHSA-2022:5532) Important: Red Hat Fuse 7.11.0 release and security update
2022-07-07 14:16:35
openvas
openvas
Apache Tika Server < 1.28.4, 2.4.x < 2.4.1 DoS Vulnerability
2022-06-29 00:00:00
Apache Tika Server < 1.28.3 DoS Vulnerability
2022-06-01 00:00:00
Apache Tika Server < 1.28.2, 2.x < 2.4.0 Multiple Vulnerabilities
2022-05-17 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Tika
2022-06-29 02:20:07
cvelist
cvelist
cnvd
cnvd
Apache Tika Denial of Service Vulnerability (CNVD-2022-73491)
2022-05-27 00:00:00
Apache Tika Denial of Service Vulnerability (CNVD-2022-73263)
2022-06-01 00:00:00
nessus
nessus
Oracle Primavera Unifier (Jul 2022 CPU)
2022-07-20 00:00:00
Oracle WebCenter Portal Multiple Vulnerabilities (Oct 2022 CPU)
2022-10-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00