org.apache.jena:jena-core@2.7.0-incubating vulnerabilities
-
latest version
5.0.0
-
latest non vulnerable version
-
first published
12 years ago
-
latest version published
a month ago
-
licenses detected
- [2.7.0-incubating,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.jena:jena-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.jena:jena-core is a Java framework for building Semantic Web applications. It provides a programmatic environment for RDF, RDFS and OWL, SPARQL and includes a rule-based inference engine. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection in the How to fix XML External Entity (XXE) Injection? Upgrade |
[,4.2.0)
[4.4.0,4.5.0)
|
org.apache.jena:jena-core is a Java framework for building Semantic Web applications. It provides a programmatic environment for RDF, RDFS and OWL, SPARQL and includes a rule-based inference engine. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. A vulnerability in XML processing in Apache Jena may allow an attacker to execute XML External Entities (XXE), including exposing the contents of local files to a remote server. How to fix XML External Entity (XXE) Injection? Upgrade |
[,4.2.0)
|