About Apache Tika (CVE-2022-33879): Second round of fixes for CVE-2022-30126 and CVE-2022-30973 (27th June 2022)

Preface: Backtracking is a technique based on algorithm to solve problem. It uses recursive calling to find the solution by building a solution step by step increasing values with time.

Background: Apache Tika is a content type detection and content extraction framework. The Apache Tika™ toolkit detects and extracts metadata and text from over a thousand different file types (such as PPT, XLS, and PDF). All of these file types can be parsed through a single interface, making Tika useful for search engine indexing, content analysis, translation, and much more. Perhaps we think Apache Tika is not popular in digital world. However, Analysis Panama Papers also uses Apache Tika.

Vulnerability details: The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, found a separate new regex DoS in a different regex in the StandardsExtractingContentHandler.

Reference:

CVE-2022-30973 – Published: 31 May 2022
We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.3.

CVE-2022-30126 – 2022-06-06 22:57:18
In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0

Solution: Fixed in 1.28.4 and 2.4.1.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.