CVE-2019-10088

Description

A carefully crafted or corrupt zip file can cause an OOM in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22 or later.

• How can I get the fixes?
• What do statuses mean?
• Patch details

Patch details

Severity score breakdown

CVSS version: CVSS v3.0

References

• MITRE
• NVD
• Launchpad
• Debian

Other references

• https://www.openwall.com/lists/oss-security/2019/08/02/2
• https://lists.apache.org/thread.html/1c63555609b737c20d1bbfa4a3e73ec488e3408a84e2f5e47e1b7e08@%3Cdev.tika.apache.org%3E
• https://www.cve.org/CVERecord?id=CVE-2019-10088