VDB

DEBIAN-CVE-2021-28657

DEBIAN-CVE-2021-28657 PUBLISHED CVSS 5.5 MEDIUM

A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:11tika0, 1.22-2, 1.22-2

Exploit Intelligence

Timeline

  • Mar 31, 2021 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›