CVE-2020-1950

CWE-400Uncontrolled Resource Consumption15 documents9 sources
Severity
5.5MEDIUM
EPSS
0.4%
top 38.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Apache TikaApache Apache TikaCanonical Ubuntu Linux+4 more
Timeline
PublishedMar 23
Latest updateMay 23

Description

A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages8 packages

Mavenorg.apache.tika:tika1.01.24
NVDapache/tika1.01.23
CVEListV5apache/apache_tikaApache Tika 1.0-1.23
Debiantika< 1.22-2
Ubuntutika< 1.5-4ubuntu0.1+2

Also affects: Debian Linux 8.0, Ubuntu Linux 16.04

Patches

Patch: www.oracle.comPatch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

6
OSV
tika vulnerabilities2025-05-23
OSV
Uncontrolled Resource Consumption in Apache Tika2021-05-07
GHSA
Uncontrolled Resource Consumption in Apache Tika2021-05-07
OSV
tika vulnerabilities2020-10-05
OSV
CVE-2020-1950: A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 12020-03-23

📋Vendor Advisories

5
Ubuntu
Apache Tika vulnerabilities2025-05-23
Ubuntu
Apache Tika vulnerabilities2020-10-05
Red Hat
tika: excessive memory usage in PSDParser2020-03-18
Debian
CVE-2020-1950: tika - A carefully crafted or corrupt PSD file can cause excessive memory usage in Apac...2020
Apache
Apache tika: CVE-2020-1950

💬Community

2
Bugzilla
CVE-2020-1950 tika: excessive memory usage in PSDParser2020-04-09
Bugzilla
CVE-2020-1950 tika: excessive memory usage in PSDParser [fedora-all]2020-04-09
CVE-2020-1950 (MEDIUM CVSS 5.5) | A carefully crafted or corrupt PSD | cvebase.io