CVE-2022-25169

Published: May 16, 2022
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-25169" target="_blank" rel="noopener"> CVE-2022-25169
GHSA: <a href="https://github.com/advisories/GHSA-7qcq-xp2f-56f6" target="_blank" rel="noopener"> GHSA-7qcq-xp2f-56f6
Severity: Medium
Exploit:

The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.

CVSS v3:

CVSS v2:

CWEs: