Rewterz Threat Advisory – Multiple Apache Struts Vulnerabilities
June 1, 2022Rewterz Threat Advisory –CVE-2021-42013 – Apache HTTP Server Vulnerability
June 1, 2022Rewterz Threat Advisory – Multiple Apache Struts Vulnerabilities
June 1, 2022Rewterz Threat Advisory –CVE-2021-42013 – Apache HTTP Server Vulnerability
June 1, 2022Severity
Medium
Analysis Summary
CVE-2022-30973
Apache Tika is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the StandardsText class in the StandardsExtractingContentHandler. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-30973
Affected Vendors
Apache
Affected Products
Apache Tika 1.28.2
Remediation
Upgrade to the latest version of Apache Tika, available from the Apache Web site.