vulnerability
Ubuntu: (CVE-2019-10093): tika vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Aug 2, 2019 | Nov 19, 2024 | Mar 27, 2026 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Aug 2, 2019
Added
Nov 19, 2024
Modified
Mar 27, 2026
Description
In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later.
Solution
ubuntu-upgrade-tika
References
- CVE-2019-10093
- https://attackerkb.com/topics/CVE-2019-10093
- CWE-770
- EUVD-EUVD-2019-0618
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2019-0618
- https://lists.apache.org/thread.html/a5a44eff1b9eda3bc69d22943a1030c43d376380c75d3ab04d0c1a21@%3Cdev.tika.apache.org%3E
- https://www.cve.org/CVERecord?id=CVE-2019-10093
- https://www.openwall.com/lists/oss-security/2019/08/02/3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.