Medium severity5.5NVD Advisory· Published Apr 25, 2018· Updated Jun 17, 2026
CVE-2018-1338
CVE-2018-1338
Description
A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.tika:tika-coreMaven | < 1.18 | 1.18 |
Affected products
2Patches
Vulnerability mechanics
References
5- access.redhat.com/errata/RHSA-2018:2669nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-5mf7-26mw-3rqrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-1338ghsaADVISORY
- lists.apache.org/thread.html/4d20c5748fb9f836653bc78a1bad991ba8485d82a1e821f70b641932@%3Cdev.tika.apache.org%3EghsaWEB
- lists.apache.org/thread.html/4d20c5748fb9f836653bc78a1bad991ba8485d82a1e821f70b641932%40%3Cdev.tika.apache.org%3Envd
News mentions
0No linked articles in our index yet.