Infinite Loop Vulnerability in Apache Tika's ChmParser
CVE-2018-1339

5.5MEDIUM

Key Information:

Vendor

Apache
Status
Apache Tika
Vendor
CVE Published:
25 April 2018

What is CVE-2018-1339?

A vulnerability exists in Apache Tika's ChmParser where a specially crafted file can cause an infinite loop, potentially leading to a denial of service condition. Affected users running versions of Apache Tika before 1.18 are advised to review their deployments and apply relevant updates to mitigate risks associated with this flaw.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Apache Tika < 1.18

References

https://access.redhat.com/errata/RHSA-2018:2669
vendor-advisoryx_refsource_REDHAT
https://lists.apache.org/thread.html/4d2cb5c819401bb075e2...
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.