CVE-2021-28657

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-28657
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-28657.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-28657
Aliases
Downstream
Related
Published
2021-03-31T08:15:11.267Z
Modified
2026-03-15T22:37:08.408150Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later.

References

Affected packages

Git / github.com/apache/tika

Affected ranges

Type
GIT
Repo
https://github.com/apache/tika
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0090ebac8e4ff4083a9c0c5d3dc55f545ad6f951
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.25"
        }
    ]
}

Affected versions

1.*
1.12
1.12-rc1
1.13
1.13-rc1
1.14
1.14-rc1
1.15
1.15-rc1
1.16
1.17
1.18
1.18-rc1
1.18-rc2
1.19
1.19.1
1.19.1-rc1
1.20
1.21
1.22
1.23
1.23-rc1
1.24
1.24.1
1.25

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-28657.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.3.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.1.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "17.7"
            },
            {
                "last_affected": "17.12"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "18.8"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "19.12"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "20.12"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "12.2.1.3.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "12.2.1.4.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.1"
            }
        ]
    }
]