CNNVD-202507-2628 Information

CNNVD ID

CNNVD-202507-2628

Related CVE

CVE-2025-49656

• CNNVD Published: 2025-07-21

Description (Chinese)

Apache Jena是美国阿帕奇（Apache）基金会的一个Java语义网框架。用于构建语义Web和链接数据应用程序。 Apache Jena 5.4.0及之前版本存在安全漏洞，该漏洞源于管理员可创建数据库文件在Fuseki服务器文件区域外。

Description (English)

Apache Jena is a Java semantic network framework of the Apache Foundation in the United States. To build a semantic Web and linked data application. There is a security loophole in Apache Jena 5.4.0 and earlier versions, which stems from the fact that administrators can create database files outside the Fuseki server file area.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2025-07-21

Last Modified

2026-02-24

References

https://lists.apache.org/thread/qmm21som8zct813vx6dfd1phnfro6mwq https://access.redhat.com/security/cve/cve-2025-49656

Patch

https://jena.apache.org/download/index.cgi