CVE-2022-25169

Опубликовано: 16 мая 2022

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.

Ссылки

http://www.openwall.com/lists/oss-security/2022/05/16/4
Mailing List
Third Party Advisory
https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220804-0004/
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/05/16/4
Mailing List
Third Party Advisory
https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220804-0004/
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*

Версия до 1.28.2 (исключая)

cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*

Версия от 2.0.0 (включая) до 2.4.0 (исключая)

Конфигурация 2

Одно из

cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*

Версия от 17.7 (включая) до 17.12 (включая)

cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00313

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-770

Связанные уязвимости

CVE-2022-25169

CVSS3: 5.5

ubuntu

больше 3 лет назад

The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.

CVE-2022-25169

CVSS3: 5.5

debian

больше 3 лет назад

The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may ...

GHSA-7qcq-xp2f-56f6

CVSS3: 5.5

github

больше 3 лет назад

Apache Tika vulnerable to uncontrolled memory consumption

EPSS

Процентиль: 54%

0.00313

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-770