CVE-2018-8017

Опубликовано: 19 сент. 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser.

Ссылки

http://www.securityfocus.com/bid/105513
Third Party Advisory
VDB Entry
https://lists.apache.org/thread.html/72df7a3f0dda49a912143a1404b489837a11f374dfd1961061873a91%40%3Cdev.tika.apache.org%3E
http://www.securityfocus.com/bid/105513
Third Party Advisory
VDB Entry
https://lists.apache.org/thread.html/72df7a3f0dda49a912143a1404b489837a11f374dfd1961061873a91%40%3Cdev.tika.apache.org%3E

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*

Версия от 1.2 (включая) до 1.18 (включая)

EPSS

Процентиль: 84%

0.02108

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-835

Связанные уязвимости

CVE-2018-8017

CVSS3: 5.5

ubuntu

больше 7 лет назад

In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser.

CVE-2018-8017

CVSS3: 2.5

redhat

больше 7 лет назад

In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser.

CVE-2018-8017

CVSS3: 5.5

debian

больше 7 лет назад

In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an in ...

GHSA-j53j-gmr9-h8g3

CVSS3: 5.5

github

больше 7 лет назад

Comparison errorr in org.apache.tika:tika-core

EPSS

Процентиль: 84%

0.02108

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-835