5 matches found
GHSA-G2QW-6VRR-V6PQ Apache Jena vulnerable to Deserialization of Untrusted Data
Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a resu...
Design/Logic Flaw
UNSUPPORTED WHEN ASSIGNED Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this...
UBUNTU-CVE-2022-45136
Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a resu...
CVE-2022-45136 Apache Jena SDB allows arbitrary deserialisation via JDBC
Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a resu...
PT-2022-27413 · Apache +1 · Apache Jena Tdb 2 +2
Name of the Vulnerable Software and Affected Versions: Apache Jena SDB versions 3.17.0 and earlier Description: The issue allows for a JDBC Deserialisation attack if the attacker can control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver ...