CVE-2018-12418

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-12418

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12418.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-12418

Aliases

GHSA-5xqr-grq4-qwgx

Published

2018-06-14T16:29:00.287Z

Modified

2026-02-12T08:20:20.172376Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files.

References

Affected packages

Git / github.com/junrar/junrar

Affected ranges

Type: GIT
Repo: https://github.com/junrar/junrar
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

ad8d0ba8e155630da8a1215cee3f253e0af45817

Affected versions

junrar-0.*

junrar-0.6

junrar-0.7

junrar-1.*

junrar-1.0.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12418.json"

vanir_signatures

[
    {
        "deprecated": false,
        "digest": {
            "function_hash": "145857620223567996029137116286438769093",
            "length": 4088.0
        },
        "signature_type": "Function",
        "target": {
            "file": "src/main/java/com/github/junrar/Archive.java",
            "function": "readHeaders"
        },
        "source": "https://github.com/junrar/junrar/commit/ad8d0ba8e155630da8a1215cee3f253e0af45817",
        "id": "CVE-2018-12418-6fc21092",
        "signature_version": "v1"
    },
    {
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "61848226162040509026425208809654422939",
                "82929370500950814140171775565350247711",
                "83656549184040560912809626426366120893",
                "132489190379032574988264400544179086150",
                "291861890016564205267021021767424043413",
                "132755527424922626878451189780957399602",
                "308474128750075705812243863648956856673",
                "239787750981483798682773687471815391210",
                "121466762184247547740679226133116638225",
                "27339446157289136418435750068454373503",
                "54816324457123317606893742596373104444",
                "116271676576845632399385022527147191326",
                "82587516972932564419445988356511692515",
                "97218513989955308019481932096345818315",
                "224371662342810091634521742511738735056",
                "168249198959336241674724825290531149740",
                "41547962869864399331582303804660001935",
                "75633074488461503783329750493815262815",
                "96619335482884513151197498582998145007",
                "236513721427470569621841468957791645832",
                "177228948338385319942353312856558314661",
                "87293741918771190697691510391106411257",
                "271489666033279192447758164113841461802",
                "118097421574185898257205834051323735060",
                "301637650530658497639931866308062943607",
                "59276825878670391720339609287246853869",
                "320665298871698099622939584050055294923",
                "209157415018068250740098008729679184870",
                "227255013093106447151203168499626305451",
                "96111307702364585928164221555497349164",
                "92363407111853901740720434959535509250",
                "242021886797401198480662405866509543106",
                "63162045030655813394418086841345302522",
                "254420426153878736403100198602887875354",
                "35019365302057665972280030219723596035",
                "6785772283112521307827767963916820503",
                "181622851580298019649535297251634789030",
                "181182452054380891302395683909973301795",
                "55478799839625703009144808135220677951",
                "294718719296769786425858004717421840226",
                "263233138912472485551542786264572129719",
                "200767413392597977132773077635140541677",
                "66598137546243362774688931493772117613",
                "9755816445940494392916722342575019170",
                "31159330090635263913543514880847183456",
                "15400996423694754089034111984430977314",
                "55190392053324091900544182043453188748",
                "17799035238534315662235285938142486105",
                "338977994717380173233091063796266743273",
                "105843744987305923074263611669792308793",
                "211334184817657353109816659641910795885",
                "206272868426988623414415255516752807840",
                "20448926870118115299607344304080208388",
                "296135583504078680459555609167324143202",
                "168549191801407858030651870670570967483",
                "101070075607997028941462658932896810079",
                "304537112582319643702201917131342362952",
                "207325897412634238110198585409836262639",
                "34096246186676242448149979820187191770",
                "54818416326426392394130818656111957597",
                "182812351463675015331033635744897130003",
                "326832123283869868174622378467073896809",
                "112499672882063745104777187462613880703",
                "157773962636777934141127721133578795891",
                "166712254128436617979013664806956905466",
                "257027163884405675965242389650313524709",
                "7038800512549498263644643007655486715",
                "138708811075511478802084864944376899942",
                "35611765638318387431512680493255871471",
                "197939085892143523273366667206147534988",
                "124763317466614766493917230904670577061",
                "164633643294422699567599682458993359807",
                "277602733812311717482762398012420498052",
                "193276313709146496219554188756089315287",
                "163808980005521330500164424478026727456",
                "124749996259721877482418616031894910175",
                "55198323122173785829968947991022764901",
                "245066222659453667635303965958065855405",
                "23312177117569309886916010990154049257",
                "339398523168644164021542899493488668465"
            ]
        },
        "signature_type": "Line",
        "target": {
            "file": "src/main/java/com/github/junrar/Archive.java"
        },
        "source": "https://github.com/junrar/junrar/commit/ad8d0ba8e155630da8a1215cee3f253e0af45817",
        "id": "CVE-2018-12418-ebb6cd22",
        "signature_version": "v1"
    }
]