Infinite Loop Vulnerability in Apache Tika's PSDParser for Multiple Versions
CVE-2020-1951
5.5MEDIUM
What is CVE-2020-1951?
The vulnerability in Apache Tika's PSDParser allows an attacker to craft a malicious PSD file that results in an infinite loop, causing the parser to hang indefinitely. This can disrupt service and potentially expose system resources to denial of service conditions. Users of affected versions from 1.0 to 1.23 should take precautions by verifying PSD file integrity prior to parsing.
Affected Version(s)
Apache Tika Apache Tika 1.0-1.23