Description
In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline (--extract-dir=) and the input file has an embedded file with an absolute path, such as "C:/evil.bat", tika-app would overwrite that file.
Remediation
References
http://www.securityfocus.com/bid/105515
https://lists.apache.org/thread.html/ab2e1af38975f5fc462ba89b517971ef892ec3d06bee12ea2258895b%40%3Cdev.tika.apache.org%3E
Related Vulnerabilities
CVE-2023-26049 Vulnerability in maven package org.eclipse.jetty:jetty-http
CVE-2023-47324 Vulnerability in maven package org.silverpeas.core:silverpeas-core
CVE-2018-5382 Vulnerability in maven package org.bouncycastle:bcprov-jdk14
CVE-2021-29480 Vulnerability in maven package io.ratpack:ratpack-session