CVE-2018-17197

6.5MEDIUM

Key Information:

Vendor: Apache
Status: Apache Tika
Vendor: CVE Published:; 24 December 2018

Summary

A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika.

Affected Version(s)

Apache Tika Apache Tika 1.8-1.19.1

References

http://www.securityfocus.com/bid/106293

vdb-entryx_refsource_BID

https://lists.apache.org/thread.html/7c021a4ea2037e52e746...

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpuj...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 24, 2018
Vulnerability Reserved
Sep 19, 2018

.