CVE-2018-17197

Published: Dec 24, 2018Modified: Nov 21, 2024

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika.

Affected (1)

Products: Apache: Tika

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apache Tika	From 1.8 to 1.19.1

Related CWEs

Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

References (10)

http://www.securityfocus.com/bid/106293

Source: security@apache.org

Third Party AdvisoryVDB Entry

https://lists.apache.org/thread.html/7c021a4ea2037e52e74628e17e8e0e2acab1f447160edc8be0eae6d3%40%3Cdev.tika.apache.org%3E

Source: security@apache.org

https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E

Source: security@apache.org

https://www.oracle.com/security-alerts/cpuapr2020.html

Source: security@apache.org

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Source: security@apache.org

http://www.securityfocus.com/bid/106293

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://lists.apache.org/thread.html/7c021a4ea2037e52e74628e17e8e0e2acab1f447160edc8be0eae6d3%40%3Cdev.tika.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.oracle.com/security-alerts/cpuapr2020.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.