oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2023-34150: Apache Any23: Possible excessive allocation of resources reading input.

From: Arnout Engelen <engelen () apache org>
Date: Tue, 04 Jul 2023 12:16:34 +0000
Affected versions:

- Apache Any23 through 2.7

Description:

** UNSUPPORTED WHEN ASSIGNED ** Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage.

Credit:

Liran Mendelovich (finder)

References:

https://attic.apache.org/projects/any23.html
https://www.cve.org/CVERecord?id=CVE-2023-34150
Previous By Date Next
Previous By Thread Next

Current thread: