Published: 16/05/2022 Updated: 19/10/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache tika
oracle primavera unifier 18.8
oracle primavera unifier
oracle primavera unifier 19.12
oracle primavera unifier 20.12
oracle primavera unifier 21.12

Debian Bug report logs - #1015002 tika: CVE-2022-25169 CVE-2022-30126 CVE-2022-33879 Package: src:tika; Maintainer for src:tika is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Fri, 15 Jul 2022 22:39:01 UTC Severity: important Tags: secu ...

Synopsis Important: Red Hat Fuse 7110 release and security update Type/Severity Security Advisory: Important Topic A minor version update (from 710 to 711) is now available for Red Hat Fuse The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Product Security has rated this update ...

In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler This is fixed in 1282 and 240 ...

NVD-CWE-Other https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4 http://www.openwall.com/lists/oss-security/2022/05/16/3 http://www.openwall.com/lists/oss-security/2022/05/31/2 https://security.netapp.com/advisory/ntap-20220624-0004/http://www.openwall.com/lists/oss-security/2022/06/27/5 https://www.oracle.com/security-alerts/cpujul2022.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015002 https://nvd.nist.gov

CVE-2022-30126

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect