CVE-2026-2332 vulnerabilities

Vulnerabilities for packages: neo4j, strimzi-kafka-operator-fips, apache-pulsar-fips, apache-nifi, jenkins, apache-hop-fips, akhq, solr, spark-kubernetes-operator, apache-hop, kafka, apache-pulsar, spark-kubernetes-operator-fips, apache-jena-fuseki, wso2is, clojure-tools, kafka-fips...

GHSA-355H-QMC2-WPWF vulnerabilities

Vulnerabilities for packages: neo4j, strimzi-kafka-operator-fips, apache-pulsar-fips, apache-nifi, jenkins, apache-hop-fips, akhq, solr, spark-kubernetes-operator, apache-hop, kafka, apache-pulsar, spark-kubernetes-operator-fips, apache-jena-fuseki, wso2is, clojure-tools, kafka-fips...

GHSA-3PXV-7CMR-FJR4 vulnerabilities

Vulnerabilities for packages: celeborn, akhq, solr, apache-hop, nuxeo, airflow, logstash, spark, apache-tika, commercial-elasticsearch, elasticsearch-fips, wavefront-proxy, apache-hop-fips, infinispan, apache-camel-karavan-devmode, apache-pulsar, camunda-zeebe, apache-activemq-artemis, wso2is,...

CVE-2026-34480 vulnerabilities

Vulnerabilities for packages: celeborn, akhq, solr, apache-hop, nuxeo, airflow, logstash, spark, apache-tika, commercial-elasticsearch, elasticsearch-fips, wavefront-proxy, apache-hop-fips, infinispan, apache-camel-karavan-devmode, apache-pulsar, camunda-zeebe, apache-activemq-artemis, wso2is,...

GHSA-C4QC-4Q9P-M9Q9 vulnerabilities

Vulnerabilities for packages: neo4j, apache-jena-fuseki...

CVE-2026-23901 vulnerabilities

Vulnerabilities for packages: neo4j, apache-jena-fuseki...

EUVD-2019-0208

Malware in sbrugna...

EUVD-2025-22076

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-33192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena...

Linux Distros Unpatched Vulnerability : CVE-2025-49656

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Users with administrator access can create databases files outside the files area of the Fuseki server. This issue affects Apache Jena version up to 5.4.0. User...

Apache Jena Fuseki vulnerable to path traversal

Overview Jena Fuseki provided by The Apache Software Foundation contains the following vulnerability. Path traversal CWE-22 - CVE-2025-49656 Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to the developer and IPA. After the coordination between the reporter and the...

JVN#90566559: Apache Jena Fuseki vulnerable to path traversal

Jena Fuseki provided by The Apache Software Foundation contains the following vulnerability. Path traversal CWE-22 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 5.1 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Base Score 2.7 CVE-2025-49656 Impact A remore...

Apache Jena Path Traversal Vulnerability

Apache Jena is the Apache Software Foundation's Semantic Web framework for building and processing RDF data. A path traversal vulnerability exists in Apache Jena 5.4.0 and earlier versions, which originates from a user with administrator privileges being able to create database files outside of t...

io.telicent.smart-caches.graph:docker (>=0.82.10 <=0.83.11), io.telicent.smart-caches.graph:scg-system (>=0.82.10 <=0.83.11) +1 more potentially affected by CVE-2025-49656 via org.apache.jena:jena-fuseki-webapp (>=5.0.0-rc1 <=5.4.0)

org.apache.jena:jena-fuseki-webapp MAVEN version =5.0.0-rc1, =0.82.10, =0.82.10, =5.0.0, =5.4.0 Source cves: CVE-2025-49656 Source advisory: SNYK:JAVA-ORGAPACHEJENA-10874850...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation via the configuration file upload process. An attacker with administrative privileges could create datasets with arbitrary names and locations, causing unintended behavior and potentially causing a denial of...

Directory Traversal

Overview org.apache.jena:jena-fuseki-webapp is a Fuseki is a SPARQL 1.1 Server which provides the SPARQL query, SPARQL update and SPARQL graph store protocols. Affected versions of this package are vulnerable to Directory Traversal via the Fuseki Web UI. An attacker can create files outside the...

io.github.sparql-anything:sparql-anything-fuseki (>=v1.0-DEV.3 <=v1.0.0), io.telicent.jena.graphql:graphql-fuseki-module (>=0.6.0 <=0.10.4) +12 more potentially affected by CVE-2025-50151 via org.apache.jena:jena-fuseki-main (>=5.0.0-rc1 <=5.4.0)

org.apache.jena:jena-fuseki-main MAVEN version =5.0.0-rc1, =v1.0-DEV.3, =0.6.0, =1.3.2, =0.72.1, =0.71.2, =0.71.2, =1.0.0, =0.80.0, =0.80.0, =1.2.0, =5.0.0, =5.0.0, =5.4.0 - zone.cogni.semanticz:semanticz-connector-fuseki =2.0.0 - zone.cogni.semanticz:semanticz-connectors-spring =2.0.0 Source cve...

org.graphity:core (>=1.1.1 <=1.1.3), org.rdfhdt:hdt-fuseki (=1.1) +6 more potentially affected by CVE-2025-49656 via org.apache.jena:jena-fuseki (>=1.0.0 <=1.1.0)

org.apache.jena:jena-fuseki MAVEN version =1.0.0, =1.1.1, =0.7, =0.7, =0.7, =0.7, =0.7, =0.7, =0.7.1 Source cves: CVE-2025-49656 Source advisory: OSV:GHSA-JQ2C-M8GG-MQCM...

GHSA-JQ2C-M8GG-MQCM Apache Jena allows users with administrator access to create databases files outside the files area of the Fuseki server

Users with administrator access can create databases files outside the files area of the Fuseki server. This issue affects Apache Jena version up to 5.4.0. Users are recommended to upgrade to version 5.5.0, which fixes the issue...

Apache Jena allows users with administrator access to create databases files outside the files area of the Fuseki server

Users with administrator access can create databases files outside the files area of the Fuseki server. This issue affects Apache Jena version up to 5.4.0. Users are recommended to upgrade to version 5.5.0, which fixes the issue...