CVE-2018-1339: A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18.

medium5.5CVSS 3.0

AVLACLPRNUIRSUCNINAH

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18.

5 ranges

Vendor	Product	Version range	Fixed in
apache	tika	< 1.18	1.18
apache	tika	—	—
apache	tika	>= 0 < 1.18-1	1.18-1
apache_software_foundation	apache_tika	< 1.18	1.18
debian	tika	< tika 1.18-1 (bullseye)	tika 1.18-1 (bullseye)

nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

osv5.5MEDIUM