Vulnerability Database

Published: Apr 25, 2018
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2018-1338" target="_blank" rel="noopener"> CVE-2018-1338
GHSA: <a href="https://github.com/advisories/GHSA-5mf7-26mw-3rqr" target="_blank" rel="noopener"> GHSA-5mf7-26mw-3rqr
Severity: Low
Exploit:

313,825

Total vulnerabilities in the database

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.

CVSS v2:

CWEs:

Software	From	Fixed in
apache / tika	-	1.18
org.apache.tika / tika-core	-	1.18

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.