EPSS
Percentile
56.8%
Apache Tika is vulnerable to denial of service (DoS). The attacker can cause a stack overflow in RecursiveParserWrapper by providing a malicious package/compressed file to unzip, generating the same file recursively.
RecursiveParserWrapper
github.com/apache/tika/blob/ef302848e6b14331516e09e2bde7d021991ddb67/CHANGES.txt
github.com/apache/tika/commit/b8655aad5efaef1c5d266676350f58743770fb5b
lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E