Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.tika/tika-parser-image-module@2.4.0
Type maven
Namespace org.apache.tika
Name tika-parser-image-module
Version 2.4.0
Qualifiers
Subpath
Is_vulnerable false
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-eu4h-uqdw-n7ez
vulnerability_id VCID-eu4h-uqdw-n7ez
summary
Allocation of Resources Without Limits or Throttling
The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.
references
0
reference_url https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk
reference_id
reference_type
scores
url https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk
1
reference_url http://www.openwall.com/lists/oss-security/2022/05/16/4
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2022/05/16/4
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25169
reference_id CVE-2022-25169
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-25169
fixed_packages
0
url pkg:maven/org.apache.tika/tika-parser-image-module@1.28.2
purl pkg:maven/org.apache.tika/tika-parser-image-module@1.28.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parser-image-module@1.28.2
1
url pkg:maven/org.apache.tika/tika-parser-image-module@2.4.0
purl pkg:maven/org.apache.tika/tika-parser-image-module@2.4.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parser-image-module@2.4.0
aliases CVE-2022-25169
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eu4h-uqdw-n7ez
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tika/tika-parser-image-module@2.4.0