{"id":"CVE-2018-1339","details":"A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18.","aliases":["GHSA-p699-3wgc-7h72"],"modified":"2026-04-10T04:05:19.417156Z","published":"2018-04-25T21:29:00.420Z","references":[{"type":"WEB","url":"https://lists.apache.org/thread.html/4d2cb5c819401bb075e2a1130e0d14f0404a136541a6f91da0225828%40%3Cdev.tika.apache.org%3E"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:2669"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/tika","events":[{"introduced":"0"},{"fixed":"38ff2a986af24ee255f1f91d654ea402f4016696"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.18"}]}}],"versions":["1.12","1.12-rc1","1.15-rc1","1.17","1.18-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1339.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}