CVE-2019-10088

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-10088
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10088.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-10088
Aliases
Downstream
Related
Published
2019-08-02T19:15:11.717Z
Modified
2026-03-15T15:03:42.243073Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A carefully crafted or corrupt zip file can cause an OOM in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22 or later.

References

Affected packages

Git / github.com/apache/tika

Affected ranges

Type
GIT
Repo
https://github.com/apache/tika
Events
Introduced
f9003a1fe1a1883008b62e78d01a582be6c06a8c
Last affected
7d4dd43eb40a500663b2bdd38f0a9ccb0569c1d7
Database specific 
{
    "versions": [
        {
            "introduced": "1.7"
        },
        {
            "last_affected": "1.21"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10088.json"