feilimb commented on issue #3288: URL: https://github.com/apache/jena/issues/3288#issuecomment-3159293411
Can I ask: was this issue related to either of the following CVE's: CVE-2025-50151, CVE-2025-49656 A project I work on, identified the CVEs above as being present, due to our inclusion of _jena-iri_ 5.2.0, by the OWASP scanner. I suspect however, that the above CVEs only affected the _jena-fuseki_ project. When the CVE issue is reported, would it be possible to include which specific jena project(s) is/are affected, as otherwise the vulnerability scanners out there simply see the word 'jena' and it is difficult to determine the sub-project which the CVE relates to. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
