Описание
In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat BPM Suite 6 | tika-core | Out of support scope | ||
| Red Hat build of Quarkus | tika-core | Fix deferred | ||
| Red Hat Integration Camel K 1 | tika-core | Fix deferred | ||
| Red Hat Integration Camel Quarkus 1 | tika-core | Fix deferred | ||
| Red Hat JBoss BRMS 5 | tika-core | Out of support scope | ||
| Red Hat JBoss BRMS 6 | tika-core | Out of support scope | ||
| Red Hat JBoss Data Virtualization 6 | tika-core | Out of support scope | ||
| Red Hat JBoss Fuse 6 | tika-core | Out of support scope | ||
| Red Hat JBoss Fuse Service Works 6 | tika-core | Out of support scope | ||
| Red Hat Fuse 7.11 | tika-core | Fixed | RHSA-2022:5532 | 07.07.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.1 Low
CVSS3
Связанные уязвимости
In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0
In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0
In Apache Tika, a regular expression in our StandardsText class, used ...
Regular expression denial of service in apache tika
EPSS
3.1 Low
CVSS3