In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later.
References
Configurations
Information
Published : 2019-08-02 12:15
Updated : 2020-08-24 10:37
NVD link : CVE-2019-10093
Mitre link : CVE-2019-10093
JSON object : View
CWE
CWE-770
Allocation of Resources Without Limits or Throttling
Products Affected
apache
- tika