vulnerability

Ubuntu: (CVE-2019-10094): tika vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Aug 2, 2019	Nov 19, 2024	Aug 18, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Aug 2, 2019

Added

Nov 19, 2024

Modified

Aug 18, 2025

Description

A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.

Solution

ubuntu-upgrade-tika

References

CVE-2019-10094
https://attackerkb.com/topics/CVE-2019-10094
CWE-770
URL-https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E
URL-https://www.cve.org/CVERecord?id=CVE-2019-10094
URL-https://www.openwall.com/lists/oss-security/2019/08/02/4

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today