CVE-2019-10094

Summary

A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.

Affected Software

VendorProductVersion RangeStatus
ApacheApache Tika1.7 to 1.21affected

Weaknesses

  • DoS

ADP Enrichment

CVE Program Container

Additional References

References