jena-sdb is vulnerable to deserialization of untrusted data. The vulnerability exists when the attacker is able to control the JDBC url or cause the underlying database server to return malicious data, leading to remote code execution when connected to a malicious database.
CPE | Name | Operator | Version |
---|---|---|---|
apache jena - sdb (sql based triple store) | le | 3.17.0 | |
apache jena - sdb (sql based triple store) | le | 3.17.0 |