VYPR

Maven package

org.apache.jena/jena-sdb

pkg:maven/org.apache.jena/jena-sdb

Vulnerabilities (1)

  • CVE-2022-45136Nov 14, 2022
    affected <= 3.17.0

    Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of