cvedb.io
CVE-2025-50151
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2025-07-21T10:15:25.837 · Last modified 2026-06-17T09:34:41.687

Summary

File access paths in configuration files uploaded by users with administrator access are not validated. This issue affects Apache Jena version up to 5.4.0. Users are recommended to upgrade to version 5.5.0, which does not allow arbitrary configuration upload.

Affected products

apache — jena

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.