Test Kennung:	1.3.6.1.4.1.25623.1.0.148125
Kategorie:	Denial of Service
Titel:	Apache Tika Server < 1.28.2, 2.x < 2.4.0 Multiple Vulnerabilities
Zusammenfassung:	Apache Tika Server is prone to multiple vulnerabilities.
Beschreibung:	Summary: Apache Tika Server is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2022-25169: The BPG parser may allocate an unreasonable amount of memory on carefully crafted files - CVE-2022-30126: A regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file Affected Software/OS: Apache Tika Server prior to version 1.28.2 and version 2.x prior to 2.4.0. Solution: Update to version 1.28.2, 2.4.0 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2022-25169 https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk https://www.oracle.com/security-alerts/cpujul2022.html http://www.openwall.com/lists/oss-security/2022/05/16/4 Common Vulnerability Exposure (CVE) ID: CVE-2022-30126 https://security.netapp.com/advisory/ntap-20220624-0004/ https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4 http://www.openwall.com/lists/oss-security/2022/05/16/3 http://www.openwall.com/lists/oss-security/2022/05/31/2 http://www.openwall.com/lists/oss-security/2022/06/27/5
Copyright	Copyright (C) 2022 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.