CVE-2019-10088

Priority
Description
A carefully crafted or corrupt zip file can cause an OOM in Apache Tika's
RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22
or later.
Notes
Package
Source: tika (LP Ubuntu Debian)
Upstream:released (1.22-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (code not present)
Ubuntu 19.04 (Disco Dingo):needed
Ubuntu 19.10 (Eoan Ermine):released (1.22-1)
Ubuntu 20.04 (Focal Fossa):released (1.22-1)
Patches:
Upstream:https://github.com/apache/tika/commit/426be73b9e7500fa3d441231fa4e473de34743f6
More Information

Updated: 2019-12-05 19:58:13 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)