CVE-2019-10094

Priority
Description
A carefully crafted package/compressed file that, when
unzipped/uncompressed yields the same file (a quine), causes a
StackOverflowError in Apache Tika's RecursiveParserWrapper in versions
1.7-1.21. Apache Tika users should upgrade to 1.22 or later.
Notes
Package
Source: tika (LP Ubuntu Debian)
Upstream:released (1.22-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (code not present)
Ubuntu 20.04 LTS (Focal Fossa):released (1.22-1)
More Information

Updated: 2020-09-10 06:03:51 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)