CVE-2018-1335 is a vulnerability in Apache Tika
Published on April 25, 2018

From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18.

Vendor Advisory NVD

Products Associated with CVE-2018-1335

Want to know whenever a new CVE is published for Apache Tika? stack.watch will email you.

Apache Tika

Affected Versions

Apache Software Foundation Apache Tika Version 1.7 to 1.17 is affected by CVE-2018-1335

Exploit Probability

EPSS

93.64%

Percentile

99.84%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-1335 is a vulnerability in Apache TikaPublished on April 25, 2018

Products Associated with CVE-2018-1335

Affected Versions

Exploit Probability

CVE-2018-1335 is a vulnerability in Apache Tika
Published on April 25, 2018