Search CVE reports

Toggle filters

21 – 24 of 24 results

CVE-2018-1335

Medium priority
Needs evaluation

From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects...

1 affected package

tika

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
tika Not affected Not affected Not affected Not affected
Show less packages

CVE-2016-4434

Medium priority
Vulnerable

Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity (XXE) attacks via vectors involving (1) spreadsheets in OOXML files and (2)...

1 affected package

tika

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
tika Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2016-6809

Medium priority
Not affected

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization.

1 affected package

tika

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
tika
Show less packages

CVE-2015-3271

Medium priority
Ignored

Apache Tika server (aka tika-server) in Apache Tika 1.9 might allow remote attackers to read arbitrary files via the HTTP fileUrl header.

1 affected package

tika

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
tika Not affected
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. Next page
Export to JSON