CVE-2025-50151

CVE-2025-50151: Apache Jena: Configuration files uploaded by administrative users are not check properly

Vendor Apache Software Foundation

Product Apache Jena

Weakness CWE-20 · Input validation

Published July 21, 2025

Last update November 4, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

File access paths in configuration files uploaded by users with administrator access are not validated. This issue affects Apache Jena version up to 5.4.0. Users are recommended to upgrade to version 5.5.0, which does not allow arbitrary configuration upload.

Key dates

Disclosure timeline

July 21, 2025 CVE published

November 4, 2025 Record updated