org.apache.jena:jena-fuseki-webapp@3.13.0 vulnerabilities

latest version

5.5.0

latest non vulnerable version

5.5.0

first published

6 years ago

latest version published

13 days ago

licenses detected

Apache-2.0
[3.9.0,)

package registry

View on Maven Central Repository

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.apache.jena:jena-fuseki-webapp package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Directory Traversal org.apache.jena:jena-fuseki-webapp is a Fuseki is a SPARQL 1.1 Server which provides the SPARQL query, SPARQL update and SPARQL graph store protocols. Affected versions of this package are vulnerable to Directory Traversal via the Fuseki Web UI. An attacker can create files outside the intended directory by specifying arbitrary file paths when creating databases. Note: This is only exploitable if the attacker has administrator privileges. How to fix Directory Traversal? Upgrade `org.apache.jena:jena-fuseki-webapp` to version 5.5.0 or higher.	[,5.5.0)

Directory Traversal

org.apache.jena:jena-fuseki-webapp is a Fuseki is a SPARQL 1.1 Server which provides the SPARQL query, SPARQL update and SPARQL graph store protocols.

Affected versions of this package are vulnerable to Directory Traversal via the Fuseki Web UI. An attacker can create files outside the intended directory by specifying arbitrary file paths when creating databases.

Note: This is only exploitable if the attacker has administrator privileges.

How to fix Directory Traversal?

Upgrade org.apache.jena:jena-fuseki-webapp to version 5.5.0 or higher.

[,5.5.0)

Go back to all versions of this package