CVE-2018-11762 is a vulnerability in Apache Tika
Published on September 19, 2018

In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline (--extract-dir=) and the input file has an embedded file with an absolute path, such as "C:/evil.bat", tika-app would overwrite that file.

NVD

Products Associated with CVE-2018-11762

Want to know whenever a new CVE is published for Apache Tika? stack.watch will email you.

Apache Tika

Affected Versions

Apache Software Foundation Apache Tika Version 0.9 to 1.18 is affected by CVE-2018-11762

Exploit Probability

EPSS

0.87%

Percentile

74.92%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-11762 is a vulnerability in Apache TikaPublished on September 19, 2018

Products Associated with CVE-2018-11762

Affected Versions

Exploit Probability

CVE-2018-11762 is a vulnerability in Apache Tika
Published on September 19, 2018