GHSA-5mf7-26mw-3rqr

Опубликовано: 17 окт. 2018

Источник: github

Github: Прошло ревью

CVSS3: 5.5

Описание

Moderate severity vulnerability that affects org.apache.tika:tika-core

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.

Ссылки

Пакеты

Наименование

org.apache.tika:tika-core

maven

Затронутые версииВерсия исправления

< 1.18

1.18

EPSS

Процентиль: 84%

0.02232

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2018-1338

Дефекты

CWE-835

Связанные уязвимости

CVE-2018-1338

CVSS3: 5.5

ubuntu

почти 8 лет назад

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.

CVE-2018-1338

CVSS3: 6.5

redhat

почти 8 лет назад

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.

CVE-2018-1338

CVSS3: 5.5

nvd

почти 8 лет назад

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.

CVE-2018-1338

CVSS3: 5.5

debian

почти 8 лет назад

A carefully crafted (or fuzzed) file can trigger an infinite loop in A ...

EPSS

Процентиль: 84%

0.02232

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2018-1338

Дефекты

CWE-835