Vulnerabilities > Apache > Jena > 4.8.0

DATE CVE VULNERABILITY TITLE RISK
2023-07-12 CVE-2023-32200 Expression Language Injection vulnerability in Apache Jena
There is insufficient restrictions of called script functions in Apache Jena versions 4.8.0 and earlier.
network
low complexity
apache CWE-917
8.8
8.8
2023-04-25 CVE-2023-22665 Expression Language Injection vulnerability in Apache Jena
There is insufficient checking of user queries in Apache Jena versions 4.7.0 and earlier, when invoking custom scripts.
network
low complexity
apache CWE-917
5.4
5.4