CVE-2022-30126 vulnerability in Apache and Other Products
Published on May 16, 2022

Apache Tika Regular Expression Denial of Service in Standards Extractor

In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0

NVD

Products Associated with CVE-2022-30126

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-30126 are published in these products:

Apache Tika

Oracle Primavera Unifier

Canonical Ubuntu Linux

Affected Versions

Apache Software Foundation Apache Tika:

Version Apache Tika, <= 1.28.1 is affected.

Exploit Probability

EPSS

1.31%

Percentile

79.55%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-30126 vulnerability in Apache and Other ProductsPublished on May 16, 2022

Products Associated with CVE-2022-30126

Affected Versions

Exploit Probability

CVE-2022-30126 vulnerability in Apache and Other Products
Published on May 16, 2022