CVE-2018-11761

HIGH

Apache Tika 0.1-1.18 - XML Entity Expansion Denial of Service

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-11761. PoC published by brianwrf.

AI-analyzed exploit summary

This repository contains a proof-of-concept exploit for CVE-2018-11761, a denial-of-service (DoS) vulnerability in Apache Tika's XML parser. The exploit leverages XML Entity Expansion to cause excessive memory allocation and CPU utilization in Elasticsearch instances using Tika for attachment processing.

Description

In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to entity expansion attacks (the "billion laughs" pattern, in which a small DTD declares entities that reference each other in layers so that a document of under a kilobyte expands to gigabytes), which can lead to a denial of service through memory and CPU exhaustion.
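The following is an added example, not code from Apache Tika or from the published PoC. It shows why an unlimited parser is exposed and what a limit buys: it builds a constructed "billion laughs" document, then costs the document symbolically (counting entity expansions without ever materialising the replacement text) and rejects it when the count exceeds a budget. The budget default of 64000 is borrowed from the JDK's jdk.xml.entityExpansionLimit property; treating that property's count as equivalent to the count computed here is an assumption, and the check only covers internal general entities with literal values, which is the shape this attack takes.

```python
"""Symbolic entity-expansion budget check for XML documents with an internal DTD.

Added example, not Apache Tika's code. It counts how many entity expansions a
document would trigger (loosely the quantity bounded by the JDK's
jdk.xml.entityExpansionLimit property, default 64000; equivalence is assumed)
WITHOUT materialising the expanded text, so a 'billion laughs' document is
rejected at negligible cost. Only internal general entities with literal
values are handled, which is the shape of this attack.
"""
import re

DEFAULT_EXPANSION_LIMIT = 64000  # same default as the JDK's jdk.xml.entityExpansionLimit

_DOCTYPE = re.compile(r'<!DOCTYPE\b[^\[>]*\[(.*?)\]\s*>', re.S)
_ENTITY_DECL = re.compile(r'<!ENTITY\s+([A-Za-z_][\w.\-]*)\s+(?:"([^"]*)"|\'([^\']*)\')\s*>')
_ENTITY_REF = re.compile(r'&([A-Za-z_][\w.\-]*);')
_PREDEFINED = {"lt", "gt", "amp", "apos", "quot"}  # each expands to one character


def internal_entities(xml: str) -> dict:
    """Map entity name -> replacement text from the DOCTYPE internal subset (first declaration wins)."""
    m = _DOCTYPE.search(xml)
    if not m:
        return {}
    ents = {}
    for name, dq, sq in _ENTITY_DECL.findall(m.group(1)):
        ents.setdefault(name, dq or sq)
    return ents


def expansion_cost(xml: str) -> tuple:
    """Return (entity_expansions, expanded_chars) for the document body.

    Each reference to a declared entity costs 1 expansion plus whatever its
    replacement text triggers; per-entity results are memoised, so the work is
    linear in the DTD size even when the expanded text would be gigabytes.
    """
    ents = internal_entities(xml)
    m = _DOCTYPE.search(xml)
    body = xml[m.end():] if m else xml
    memo = {}
    active = set()  # entities currently being costed, to reject recursive declarations

    def cost_of(text):
        expansions = 0
        chars = len(_ENTITY_REF.sub("", text))  # literal characters survive unchanged
        for name in _ENTITY_REF.findall(text):
            if name in _PREDEFINED:
                chars += 1
                continue
            if name not in ents:
                raise ValueError(f"undeclared entity &{name};")
            sub_exp, sub_chars = cost_of_entity(name)
            expansions += 1 + sub_exp
            chars += sub_chars
        return expansions, chars

    def cost_of_entity(name):
        if name in memo:
            return memo[name]
        if name in active:
            raise ValueError(f"recursive entity &{name};")
        active.add(name)
        memo[name] = cost_of(ents[name])
        active.discard(name)
        return memo[name]

    return cost_of(body)


def within_expansion_limit(xml: str, limit: int = DEFAULT_EXPANSION_LIMIT) -> bool:
    """True if the document stays within `limit` entity expansions; False means reject it."""
    expansions, _ = expansion_cost(xml)
    return expansions <= limit


def billion_laughs(depth: int = 9, fanout: int = 10) -> str:
    """Constructed sample payload of the 'billion laughs' shape (depth levels, fanout refs per level)."""
    decls = ['<!ENTITY lol0 "lol">']
    for i in range(1, depth + 1):
        decls.append(f'<!ENTITY lol{i} "' + f"&lol{i - 1};" * fanout + '">')
    return ('<?xml version="1.0"?>\n<!DOCTYPE lolz [\n' + "\n".join(decls)
            + f'\n]>\n<lolz>&lol{depth};</lolz>')


# Constructed benign document: two references to a short entity plus a predefined one.
BENIGN = ('<?xml version="1.0"?>\n<!DOCTYPE note [\n<!ENTITY company "Example Corp">\n]>\n'
          '<note>&company; &amp; &company;</note>')

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("billion laughs", billion_laughs())):
        exp, chars = expansion_cost(doc)
        verdict = "accept" if within_expansion_limit(doc) else "REJECT"
        print(f"{label}: {exp} expansions, {chars} expanded chars -> {verdict}")
```

With the default depth of 9 and fanout of 10 the payload is under 1 KB on the wire but costs 1,111,111,111 expansions and about 3 GB of text; the benign document costs 2 expansions. A count limit rejects the former as soon as the DTD is costed, which is the behaviour a hardened parser configuration provides and the unconfigured Tika parsers lacked. The cycle check matters too: XML forbids recursive entity references, and a parser that does not detect them never terminates.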

Exploits (1)

nomisec · Working PoC · 9 stars
by brianwrf · poc
https://github.com/brianwrf/CVE-2018-11761


Classification
Working PoC (95% confidence)
Attack Type
DoS
Complexity
Moderate
Reliability
Reliable
Target: Elasticsearch (with Ingest Attachment Plugin using Apache Tika 1.17/1.18)
No auth needed
Prerequisites: Network access to Elasticsearch instance · Ingest Attachment Plugin enabled
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 7.5
EPSS 0.1103
EPSS Percentile 93.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-611 (Improper Restriction of XML External Entity Reference). Note that the flaw described above is unbounded entity expansion rather than external entity resolution; CWE-776 (XML Entity Expansion) describes it more precisely.
Status published
Products (4)
apache/tika 0.1 - 1.18
oracle/business_process_management_suite 12.1.3.0.0
oracle/business_process_management_suite 12.2.1.3.0
org.apache.tika/tika-core 0.1 - 1.19.1 (Maven)
Published Sep 19, 2018
Tracked Since Feb 18, 2026