[java-sig-commits] [Bug 1572416] CVE-2018-1335 tika: Command injection in tika-server can allow remote attackers to execute arbitrary commands via crafted headers

Friday, 27 April 2018

https://bugzilla.redhat.com/show_bug.cgi?id=1572416

--- Comment #4 from Kurt Seifried <kseifried(a)redhat.com&gt; ---
Statement:

This issue affects the versions of tika which is embedded in the nutch package 
as shipped with Red Hat Satellite 5. The tika server is not exposed, as such
exploitation is difficult, Red Hat Product Security has rated this issue as
having a security impact of Low. A future update may address this issue. For
additional information, refer to the Issue Severity Classification:
https://access.redhat.com/security/updates/classification/.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

[java-sig-commits] [Bug 1572416] CVE-2018-1335 tika: Command injection in tika-server can allow remote attackers to execute arbitrary commands via crafted headers