Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2023-70282
HistoryJul 14, 2023 - 12:00 a.m.

Apache Jena Code Execution Vulnerability

2023-07-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
apache jena
code execution
vulnerability
semantic web
linked data
sparql query

0.002 Low

EPSS

Percentile

59.9%

JSON

Apache Jena is the United States Apache (Apache) Foundation of a Java Semantic Web framework. Used to build semantic Web and linked data applications. Apache Jena suffers from a code execution vulnerability that stems from insufficient restrictions on called script functions. An attacker can exploit the vulnerability to execute javascript via a SPARQL query.

CPENameOperatorVersion
apache jena >=3.7.0,le4.8.0

Related

cve 1
ubuntucve 1
debiancve 1
prion 1
veracode 1
ibm 1
github 1
cvelist 1
nvd 1
osv 1
cve
cve
CVE-2023-32200
2023-07-12 08:15:10
ubuntucve
ubuntucve
CVE-2023-32200
2023-07-12 00:00:00
debiancve
debiancve
CVE-2023-32200
2023-07-12 08:15:10
prion
prion
Authorization
2023-07-12 08:15:00
veracode
veracode
Remote Code Execution (RCE)
2023-07-26 10:23:10
ibm
ibm
Security Bulletin: IBM Integration Bus is vulnerable to a local attacker due to Apache Jena (CVE-2023-32200)
2023-11-28 08:59:58
github
github
Apache Jena Expression Language Injection vulnerability
2023-07-12 09:30:53
cvelist
cvelist
CVE-2023-32200 Apache Jena: Exposure of execution in script engine expressions.
2023-07-12 07:49:55
nvd
nvd
CVE-2023-32200
2023-07-12 08:15:10
osv
osv
Apache Jena Expression Language Injection vulnerability
2023-07-12 09:30:53

0.002 Low

EPSS

Percentile

59.9%

JSON
Related for CNVD-2023-70282
cve1ubuntucve1debiancve1prion1veracode1ibm1github1cvelist1nvd1osv1