ID de Prueba:	1.3.6.1.4.1.25623.1.0.148125
Categoría:	Denial of Service
Título:	Apache Tika Server < 1.28.2, 2.x < 2.4.0 Multiple Vulnerabilities
Resumen:	Apache Tika Server is prone to multiple vulnerabilities.
Descripción:	Summary: Apache Tika Server is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2022-25169: The BPG parser may allocate an unreasonable amount of memory on carefully crafted files - CVE-2022-30126: A regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file Affected Software/OS: Apache Tika Server prior to version 1.28.2 and version 2.x prior to 2.4.0. Solution: Update to version 1.28.2, 2.4.0 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-25169 https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk https://www.oracle.com/security-alerts/cpujul2022.html http://www.openwall.com/lists/oss-security/2022/05/16/4 Common Vulnerability Exposure (CVE) ID: CVE-2022-30126 https://security.netapp.com/advisory/ntap-20220624-0004/ https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4 http://www.openwall.com/lists/oss-security/2022/05/16/3 http://www.openwall.com/lists/oss-security/2022/05/31/2 http://www.openwall.com/lists/oss-security/2022/06/27/5
Copyright	Copyright (C) 2022 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.