tika-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aman Mishra (Jira)" <j...@apache.org>
Subject [jira] [Created] (TIKA-2952) Vulnerable "metadata-extractor 2.11.0" is present in tika 1.22.
Date Mon, 30 Sep 2019 12:51:00 GMT
Aman Mishra created TIKA-2952:
---------------------------------

             Summary: Vulnerable "metadata-extractor 2.11.0" is present in tika 1.22.
                 Key: TIKA-2952
                 URL: https://issues.apache.org/jira/browse/TIKA-2952
             Project: Tika
          Issue Type: Bug
            Reporter: Aman Mishra


We can see that metadata-extractor with version 2.11.0 is present in tika-bundle 1.22 jar.
We can see that even latest metadata-extractor with version 2.12.0 is also vulnerable.

 

So please confirm your side that "Is this vulnerability [CVE-2019-14262] is impacting to
tika or not ?"



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message