exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2020-9489

почти 6 лет назад

A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache Tika users should upgrade to 1.24.1 or later. The vulnerabilities in the MP4Parser were partially fixed by upgrading the com.googlecode:isoparser:1.1.22 dependency to org.tallison:isoparser:1.9.41.2. For unrelated security reasons, we upgraded org.apache.cxf to 3.3.6 as part of the 1.24.1 release.

CVSS3: 5.5

EPSS: Низкий

CVE-2020-9489

почти 6 лет назад

CVSS3: 5.5

EPSS: Низкий

CVE-2020-9489

почти 6 лет назад

CVSS3: 5.5

EPSS: Низкий

CVE-2020-9489

почти 6 лет назад

A carefully crafted or corrupt file may trigger a System.exit in Tika' ...

CVSS3: 5.5

EPSS: Низкий

GHSA-4pv3-63jw-4jw2

почти 5 лет назад

Missing Release of Memory after Effective Lifetime in Apache Tika

CVSS3: 5.5

EPSS: Низкий

BDU:2020-05177

почти 6 лет назад

Уязвимость среды обнаружения и анализа контента Apache Tika, связанная с ошибками освобождения памяти перед удалением последней ссылки, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 6.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-9489 A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache Tika users should upgrade to 1.24.1 or later. The vulnerabilities in the MP4Parser were partially fixed by upgrading the com.googlecode:isoparser:1.1.22 dependency to org.tallison:isoparser:1.9.41.2. For unrelated security reasons, we upgraded org.apache.cxf to 3.3.6 as part of the 1.24.1 release.	CVSS3: 5.5	0% Низкий	почти 6 лет назад
CVE-2020-9489 A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache Tika users should upgrade to 1.24.1 or later. The vulnerabilities in the MP4Parser were partially fixed by upgrading the com.googlecode:isoparser:1.1.22 dependency to org.tallison:isoparser:1.9.41.2. For unrelated security reasons, we upgraded org.apache.cxf to 3.3.6 as part of the 1.24.1 release.	CVSS3: 5.5	0% Низкий	почти 6 лет назад
CVE-2020-9489 A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache Tika users should upgrade to 1.24.1 or later. The vulnerabilities in the MP4Parser were partially fixed by upgrading the com.googlecode:isoparser:1.1.22 dependency to org.tallison:isoparser:1.9.41.2. For unrelated security reasons, we upgraded org.apache.cxf to 3.3.6 as part of the 1.24.1 release.	CVSS3: 5.5	0% Низкий	почти 6 лет назад
CVE-2020-9489 A carefully crafted or corrupt file may trigger a System.exit in Tika' ...	CVSS3: 5.5	0% Низкий	почти 6 лет назад
GHSA-4pv3-63jw-4jw2 Missing Release of Memory after Effective Lifetime in Apache Tika	CVSS3: 5.5	0% Низкий	почти 5 лет назад
BDU:2020-05177 Уязвимость среды обнаружения и анализа контента Apache Tika, связанная с ошибками освобождения памяти перед удалением последней ссылки, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 6.5	0% Низкий	почти 6 лет назад

Уязвимостей на страницу