Report advisory or correction
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE
CWE-770
References
[CVE-2022-25169] CWE-770: Allocation of Resources Without Limits or Throttling
The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.