Apache Tika BPG Parser Memory Allocation Vulnerability

Apache Tika BPG Parser Memory Allocation Vulnerability

CVE-2022-25169 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.

Learn more about our Cis Benchmark Audit For Apache Http Server.