Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2019-10094

A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://lists.apache.o...
MLIST: [tika-dev] 20190809 se...
MLIST: [tika-dev] 20190812 Re...
MLIST: [tika-dev] 20190813 Re...
MISC: https://www.oracle.com...
MLIST: [lucene-solr-user] 202...
MISC: https://www.oracle.com...

Launchpad.net

CVE 2019-10094

Related bugs

References