SPARQL 1.1 query engine and RDF parsers for Apache Jena
Known vulnerabilities in the org.apache.jena:jena-arq package. This does not include vulnerabilities belonging to this package’s dependencies.Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
org.apache.jena:jena-arq is a SPARQL 1.1 query engine for Apache Jena.
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. A vulnerability in XML processing in Apache Jena may allow an attacker to execute XML External Entities (XXE), including exposing the contents of local files to a remote server.
How to fix XML External Entity (XXE) Injection?