Lucene search
Veracode Vulnerability DatabaseVERACODE:7510HistorySep 20, 2018 - 2:46 a.m.
Denial Of Service (DoS)
2018-09-2002:46:37
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.003
Percentile
66.1%
tika-core is vulnerable to denial of service (DoS) attacks. The vulnerability exists due to the lack of default limit to the number of entity expansions that could occur, allowing DoS attacks.
References
www.securityfocus.com/bid/105514
github.com/apache/tika/commit/bd9d75d8b0a85af2937047bfad04288c3044b2a6
lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E
lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Related
prion
prion
Design/Logic Flaw
2018-09-19 14:29:00
Code injection
2018-10-09 22:29:00
debiancve
debiancve
CVE-2018-11761
2018-09-19 14:29:00
CVE-2018-11796
2018-10-09 22:29:00
ubuntucve
ubuntucve
CVE-2018-11761
2018-09-19 00:00:00
CVE-2018-11796
2018-10-09 00:00:00
cvelist
cvelist
CVE-2018-11761
2018-09-19 14:00:00
CVE-2018-11796
2018-10-09 22:00:00
osv
osv
CVE-2018-11761
2018-09-19 14:29:00
High severity vulnerability that affects org.apache.tika:tika-core
2018-10-17 15:49:36
CVE-2018-11796
2018-10-09 22:29:00
github
github
cve
cve
CVE-2018-11761
2018-09-19 14:29:00
CVE-2018-11796
2018-10-09 22:29:00
nvd
nvd
CVE-2018-11761
2018-09-19 14:29:00
CVE-2018-11796
2018-10-09 22:29:00
redhatcve
redhatcve
CVE-2018-11761
2018-09-24 20:51:52
CVE-2018-11796
2018-10-15 07:28:22
openvas
openvas
Apache Tika Server XML Entity Expansion Denial of Service Vulnerability
2018-09-27 00:00:00
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00