NuytsTech Security

CVE-2018-11761

by ·

In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.

Date published : 2018-09-19

http://www.securityfocus.com/bid/105514

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Tags: