Vulnerabilities > Apache > Tika > 1.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-19 | CVE-2018-11761 | XXE vulnerability in multiple products In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. | 7.5 |
2018-04-25 | CVE-2018-1339 | Infinite Loop vulnerability in Apache Tika A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18. | 5.5 |
2018-04-25 | CVE-2018-1338 | Infinite Loop vulnerability in Apache Tika A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18. | 5.5 |
2018-04-25 | CVE-2018-1335 | Unspecified vulnerability in Apache Tika From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. | 8.1 |
2017-04-06 | CVE-2016-6809 | Deserialization of Untrusted Data vulnerability in Apache Nutch and Tika Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. | 9.8 |