CVE Vulnerabilities

CVE-2018-17197

Loop with Unreachable Exit Condition ('Infinite Loop')

Published: Dec 24, 2018 | Modified: Nov 21, 2024
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
6.5 MODERATE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM

A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tikas SQLite3Parser in versions 1.8-1.19.1 of Apache Tika.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name Vendor Start Version End Version
Tika Apache 1.8 (including) 1.19.1 (including)
Tika Ubuntu bionic *
Tika Ubuntu cosmic *
Tika Ubuntu eoan *
Tika Ubuntu groovy *
Tika Ubuntu hirsute *
Tika Ubuntu impish *
Tika Ubuntu kinetic *
Tika Ubuntu lunar *
Tika Ubuntu mantic *
Tika Ubuntu xenial *

References