Information on source package tika

Available versions

ReleaseVersion
jessie1.5-1
buster1.20-1
sid1.20-1

Open issues

BugjessiebustersidDescription
CVE-2018-8017vulnerable (no DSA, ignored)fixedfixedIn Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an in ...
CVE-2018-1339vulnerable (no DSA, ignored)fixedfixedA carefully crafted (or fuzzed) file can trigger an infinite loop in A ...
CVE-2018-11762vulnerable (no DSA, ignored)fixedfixedIn Apache Tika 0.9 to 1.18, in a rare edge case where a user does not ...
CVE-2018-11761vulnerable (no DSA, ignored)fixedfixedIn Apache Tika 0.1 to 1.18, the XML parsers were not configured to lim ...
CVE-2016-4434vulnerable (no DSA)fixedfixedApache Tika before 1.13 does not properly initialize the XML parser or ...

Resolved issues

BugDescription
CVE-2018-17197A carefully crafted or corrupt sqlite file can cause an infinite loop ...
CVE-2018-1338A carefully crafted (or fuzzed) file can trigger an infinite loop in A ...
CVE-2018-1335From Apache Tika versions 1.7 to 1.17, clients could send carefully cr ...
CVE-2018-11796In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion lim ...
CVE-2016-6809Apache Tika before 1.14 allows Java code execution for serialized obje ...
CVE-2015-3271Apache Tika server (aka tika-server) in Apache Tika 1.9 might allow re ...

Search for package or bug name: Reporting problems