GHSA-ccjp-w723-2jf2

Suggest an improvement
Source
https://github.com/advisories/GHSA-ccjp-w723-2jf2
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-ccjp-w723-2jf2/GHSA-ccjp-w723-2jf2.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-ccjp-w723-2jf2
Aliases
  • CVE-2015-3271
Published
2018-10-17T15:44:10Z
Modified
2023-11-01T04:46:05.368776Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
Apache Tika Server exposes sensitive information
Details

Apache Tika provides optional functionality to run itself as a web service to allow remote use. When used in this manner, it's possible for a 3rd party to pass a 'fileUrl' header to the Apache Tika Server (tika-server) before version 1.10. This header lets a remote client request that the server fetches content from the URL provided, including files from the server's local filesystem. Depending on the file permissions set on the local filesystem, this could be used to return sensitive content from the server machine.

This vulnerability only exists if you are running the tika-server version 1.9, and you allow un-trusted access to the tika-server URL. Usage of Apache Tika as a standard library is not affected.

Database specific
{
    "nvd_published_at": "2016-12-15T22:59:00Z",
    "cwe_ids": [
        "CWE-200"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:31:02Z"
}
References

Affected packages

Maven / org.apache.tika:tika-server

Package

Name
org.apache.tika:tika-server
View open source insights on deps.dev
Purl
pkg:maven/org.apache.tika/tika-server

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.10

Affected versions

1.*

1.2
1.3
1.4
1.5
1.6
1.7
1.8
1.9