5.5
CVSSv3

CVE-2020-1951

Published: 23/03/2020 Updated: 21/11/2024

Vulnerability Summary

A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache tika

oracle business process management suite 12.2.1.3.0

oracle business process management suite 12.2.1.4.0

oracle communications messaging server 8.0.2

oracle communications messaging server 8.1

oracle flexcube private banking 12.0.0

oracle flexcube private banking 12.1.0

canonical ubuntu linux 16.04

debian debian linux 8.0

Vendor Advisories

Debian Bug report logs - #954302 tika: CVE-2020-1951 Package: src:tika; Maintainer for src:tika is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 19 Mar 2020 21:03:01 UTC Severity: grave Tags: security, upstream Found in versio ...

Mailing Lists

TItle: [CVE-2020-1951] Infinite Loop (DoS) vulnerability in Apache Tika's PSDParser Severity: Medium Vendor: The Apache Software Foundation Versions Affected: Apache Tika 10 to 123 Description: A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 10-123 Mitigation: Apache Tika users s ...