Information on source package tika

Available versions

ReleaseVersion
buster1.20-1
sid1.22-1

Open issues

BugbustersidDescription
CVE-2020-9489vulnerable (no DSA)vulnerableA carefully crafted or corrupt file may trigger a System.exit in Tika' ...
CVE-2020-1951vulnerable (no DSA)vulnerableA carefully crafted or corrupt PSD file can cause an infinite loop in ...
CVE-2020-1950vulnerable (no DSA)vulnerableA carefully crafted or corrupt PSD file can cause excessive memory usa ...
CVE-2019-10094vulnerable (no DSA)fixedA carefully crafted package/compressed file that, when unzipped/uncomp ...
CVE-2019-10093vulnerable (no DSA)fixedIn Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file ...
CVE-2019-10088vulnerable (no DSA)fixedA carefully crafted or corrupt zip file can cause an OOM in Apache Tik ...

Resolved issues

BugDescription
CVE-2018-8017In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an in ...
CVE-2018-17197A carefully crafted or corrupt sqlite file can cause an infinite loop ...
CVE-2018-1339A carefully crafted (or fuzzed) file can trigger an infinite loop in A ...
CVE-2018-1338A carefully crafted (or fuzzed) file can trigger an infinite loop in A ...
CVE-2018-1335From Apache Tika versions 1.7 to 1.17, clients could send carefully cr ...
CVE-2018-11796In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion lim ...
CVE-2018-11762In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not ...
CVE-2018-11761In Apache Tika 0.1 to 1.18, the XML parsers were not configured to lim ...
CVE-2016-6809Apache Tika before 1.14 allows Java code execution for serialized obje ...
CVE-2016-4434Apache Tika before 1.13 does not properly initialize the XML parser or ...
CVE-2015-3271Apache Tika server (aka tika-server) in Apache Tika 1.9 might allow re ...

Security announcements

DSA / DLADescription
DLA-2161-1tika - security update

Search for package or bug name: Reporting problems