CVE-2022-33879

CVSS v3.1 3.3 (Low)

CVSS v2.0 2.6 (Low)

EPSS 0.07 % (33^th)

Affected Products 1

Advisories 3

The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1.

Weaknesses

CWE-NVD-Other

Related CVEs

CVE-2022-30126
CVE-2022-30973

CVE Status: PUBLISHED
CNA: Apache Software Foundation
Published Date: 2022-06-27 22:15:09
(2 years ago)
Updated Date: 2022-10-28 13:53:14
(23 months ago)

Affected Products

Apache

Tika

Configuration #1

		CPE23	From	Up To
	Apache Tika prior 1.28.4 version	cpe:2.3:a:apache:tika		< 1.28.4
	Apache Tika from 2.0.0 version and prior 2.4.1 version	cpe:2.3:a:apache:tika	>= 2.0.0	< 2.4.1