CVE-2022-28890 is a vulnerability in Apache Jena
Published on May 5, 2022

Processing external DTDs
A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities.

NVD

Products Associated with CVE-2022-28890

Want to know whenever a new CVE is published for Apache Jena? stack.watch will email you.

Apache Jena

Affected Versions

Apache Software Foundation Apache Jena:

Version Apache Jena, <= 4.4.0 is affected.

Exploit Probability

EPSS

0.56%

Percentile

68.04%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-28890 is a vulnerability in Apache JenaPublished on May 5, 2022

Products Associated with CVE-2022-28890

Affected Versions

Exploit Probability

CVE-2022-28890 is a vulnerability in Apache Jena
Published on May 5, 2022