Описание
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | needs-triage | |
| disco | not-affected | 1.20-1 |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 1.22-1 |
| esm-apps/jammy | not-affected | 1.22-2 |
| esm-apps/noble | not-affected | 1.22-2 |
| esm-apps/xenial | needs-triage |
Показывать по
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to lim ...
High severity vulnerability that affects org.apache.tika:tika-core
Уязвимость анализатора XML среды обнаружения и анализа контента Apache Tika, позволяющая нарушителю вызвать отказ в обслуживании
5 Medium
CVSS2
7.5 High
CVSS3