| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-10093 | 4.3 |
In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later.
|
24-08-2020 - 17:37 | 02-08-2019 - 19:15 | |
| CVE-2019-10094 | 6.8 |
A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.
|
24-08-2020 - 17:37 | 02-08-2019 - 19:15 | |
| CVE-2019-10088 | 6.8 |
A carefully crafted or corrupt zip file can cause an OOM in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22 or later.
|
24-08-2020 - 17:37 | 02-08-2019 - 19:15 | |
| CVE-2019-1009 | 4.3 |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977, CVE-2019-1
|
09-08-2019 - 16:15 | 12-06-2019 - 14:29 |