CVE-2022-25169

Summary

The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache TikaApache Tika <= 1.28.1affected

Weaknesses

  • DoS caused by unreasonable memory allocation

ADP Enrichment

CVE Program Container

Additional References

References