Information on source package tika

Available versions

ReleaseVersion
jessie1.5-1
buster1.20-1
bullseye1.22-1
sid1.22-1

Open issues

BugjessiebusterbullseyesidDescription
CVE-2019-10094fixedvulnerablefixedfixedA carefully crafted package/compressed file that, when unzipped/uncomp ...
CVE-2019-10093vulnerablevulnerable (no DSA)fixedfixedIn Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file ...
CVE-2019-10088fixedvulnerable (no DSA)fixedfixedA carefully crafted or corrupt zip file can cause an OOM in Apache Tik ...
CVE-2018-8017vulnerable (no DSA, ignored)fixedfixedfixedIn Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an in ...
CVE-2018-1339vulnerable (no DSA, ignored)fixedfixedfixedA carefully crafted (or fuzzed) file can trigger an infinite loop in A ...
CVE-2018-11762vulnerable (no DSA, ignored)fixedfixedfixedIn Apache Tika 0.9 to 1.18, in a rare edge case where a user does not ...
CVE-2018-11761vulnerable (no DSA, ignored)fixedfixedfixedIn Apache Tika 0.1 to 1.18, the XML parsers were not configured to lim ...
CVE-2016-4434vulnerable (no DSA)fixedfixedfixedApache Tika before 1.13 does not properly initialize the XML parser or ...

Resolved issues

BugDescription
CVE-2018-17197A carefully crafted or corrupt sqlite file can cause an infinite loop ...
CVE-2018-1338A carefully crafted (or fuzzed) file can trigger an infinite loop in A ...
CVE-2018-1335From Apache Tika versions 1.7 to 1.17, clients could send carefully cr ...
CVE-2018-11796In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion lim ...
CVE-2016-6809Apache Tika before 1.14 allows Java code execution for serialized obje ...
CVE-2015-3271Apache Tika server (aka tika-server) in Apache Tika 1.9 might allow re ...

Search for package or bug name: Reporting problems