CVE-2025-49656

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-49656

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-49656.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-49656

Aliases

GHSA-jq2c-m8gg-mqcm

Downstream

DEBIAN-CVE-2025-49656

UBUNTU-CVE-2025-49656

Published

2025-07-21T10:15:25.440Z

Modified

2026-04-10T05:29:01.022689Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Users with administrator access can create databases files outside the files area of the Fuseki server.

This issue affects Apache Jena version up to 5.4.0.

Users are recommended to upgrade to version 5.5.0, which fixes the issue.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-49656.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "5.5.0"
            }
        ]
    }
]