CVE-2021-28657

Loop with Unreachable Exit Condition (Infinite Loop) in maven/org.apache.tika/tika-app

Identifiers

CVE-2021-28657

Package Slug

maven/org.apache.tika/tika-app

Vulnerability

Loop with Unreachable Exit Condition (Infinite Loop)

Description

A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser.

Affected Versions

All versions up to 1.25

Solution

Upgrade to version 1.26 or above.

Last Modified

2021-04-09

source