Lucene search
Veracode Vulnerability DatabaseVERACODE:6194HistoryApr 26, 2018 - 4:20 a.m.
Denial Of Service (DoS)
2018-04-2604:20:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
19.1%
Apache Tika parsers are susceptible to denial of service (DoS) attacks. The attacker can input a malicious file to trigger an infinite loop in ChmParser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache tika parser modules | le | 1.6 | |
| apache tika parser modules | le | 1.17 |
References
access.redhat.com/errata/RHSA-2018:2669
github.com/apache/tika/blob/b85d2f875df143aedd20df1b3b73a1c84c1fda8c/CHANGES.txt
github.com/apache/tika/commit/ffb48dd29d0c2009490caefda75e5b57c7958c51
lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828@%3Cdev.tika.apache.org%3E
Related
github
github
org.apache.tika:tika-parsers has an Infinite Loop vulnerability
2018-10-17 15:43:59
cve
cve
CVE-2018-1339
2018-04-25 21:29:00
osv
osv
org.apache.tika:tika-parsers has an Infinite Loop vulnerability
2018-10-17 15:43:59
CVE-2018-1339
2018-04-25 21:29:00
prion
prion
Code injection
2018-04-25 21:29:00
nvd
nvd
CVE-2018-1339
2018-04-25 21:29:00
debiancve
debiancve
CVE-2018-1339
2018-04-25 21:29:00
redhatcve
redhatcve
CVE-2018-1339
2018-04-27 01:58:46
ubuntucve
ubuntucve
CVE-2018-1339
2018-04-25 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Tika Chmparser Denial Of Service (CVE-2018-1339)
2018-05-27 00:00:00
cvelist
cvelist
CVE-2018-1339
2018-04-25 00:00:00
ibm
ibm
openvas
openvas
Apache Tika Server 1.17 Multiple Vulnerabilities
2018-04-26 00:00:00
f5
f5
redhat
redhat
(RHSA-2018:2669) Important: Fuse 7.1 security update
2018-09-11 07:52:48