CVE-2018-1335 – Command Injection Vulnerability in Apache Tika’s tika-server
module
Severity: High
Vendor: The Apache Software Foundation
Versions Affected: <1.18
Description: Before Tika 1.18, clients could send carefully crafted
headers to tika-server that could be used to inject
The Apache Tika project is pleased to announce the release of Apache Tika
1.18.
The release contents have been pushed out to the main Apache release site
and to the Maven
Central sync, so the releases should be available as soon as the mirrors
get the syncs.
Apache Tika is a toolkit for
