A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.
References
Configurations
History
07 Nov 2023, 03:02
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-08-02 19:15
Updated : 2024-02-28 17:08
NVD link : CVE-2019-10094
Mitre link : CVE-2019-10094
CVE.ORG link : CVE-2019-10094
JSON object : View
Products Affected
apache
- tika
CWE
CWE-770
Allocation of Resources Without Limits or Throttling