A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.
References
Configurations
History
No history.
Information
Published : 2019-08-02 19:15
Updated : 2024-02-04 20:20
NVD link : CVE-2019-10094
Mitre link : CVE-2019-10094
CVE.ORG link : CVE-2019-10094
JSON object : View
Products Affected
apache
- tika
CWE
CWE-770
Allocation of Resources Without Limits or Throttling