CVE-2023-32200

Published: 12/07/2023 Updated: 20/07/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

Apache Jena versions 4.8.0 and earlier do not sufficiently restrict which script functions can be called. This allows a remote user to execute JavaScript via a SPARQL query. This issue affects Apache Jena: from 3.7.0 up to and including 4.8.0.

Vulnerable Product

apache jena

Vendor Advisories

Debian Bug report logs - #1041108
apache-jena: CVE-2023-32200
Package: src:apache-jena; Maintainer for src:apache-jena is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Reported by: Moritz Mühlenhoff <jmm@inutil.org>
Date: Fri, 14 Jul 2023 21:42:11 UTC
Severity: important
Tags: security, ups ...