Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2019-10093

In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://lists.apache.o...
MLIST: [tika-dev] 20190809 se...
MLIST: [tika-dev] 20190812 Re...
MLIST: [tika-dev] 20190813 Re...
CONFIRM: https://security.netap...
MISC: https://www.oracle.com...
MLIST: [lucene-solr-user] 202...
MISC: https://www.oracle.com...

Launchpad.net

CVE 2019-10093

Related bugs

References