openrefine Summary
Latest vulnerabilities published by openrefine
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
OpenRefine Addresses Vulnerability in Load-Language Command
CVE-2024-49760OpenrefineOpenrefine5.3MEDIUMReflected cross-site scripting vulnerability (XSS) in GData extension (authorized.vt)
CVE-2024-47878OpenrefineOpenrefine6.1MEDIUMOpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
CVE-2024-47879OpenrefineOpenrefine8.8HIGHOpenRefine has a reflected cross-site scripting vulnerability from POST request in ExportRowsCommand
CVE-2024-47880OpenrefineOpenrefine6.9MEDIUMOpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)
CVE-2024-47881OpenrefineOpenrefine8.8HIGHOpenRefine's error page lacks escaping, leading to potential Cross-site Scripting on import of malicious project
CVE-2024-47882OpenrefineOpenrefine6.1MEDIUMButterfly has path/URL confusion in resource handling leading to multiple weaknesses
CVE-2024-47883OpenrefineSimile-butterfly9.1CRITICALJDBC Attack Vulnerability in OpenRefine (versions <= 3.7.7)
CVE-2024-23833OpenrefineOpenrefine7.5HIGHOpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack
CVE-2023-41886OpenRefineOpenRefine7.5HIGHRemote Code exec in project import with mysql jdbc url attack
CVE-2023-41887OpenRefineOpenRefineEPSS 33%9.8CRITICALServer-Side Request Forgery Vulnerability in OpenRefine by OpenRefine
CVE-2022-41401OpenrefineOpenrefineπΎπ‘6.5MEDIUMZip slip in OpenRefine
CVE-2023-37476OpenrefineOpenrefine5.5MEDIUMDirectory Traversal Vulnerability in OpenRefine by Google
CVE-2019-3580OpenrefineOpenrefine7.5HIGHXML External Entity Vulnerability in OpenRefine by OpenRefine
CVE-2018-20157OpenrefineOpenrefine7.5HIGHDirectory Traversal Vulnerability in OpenRefine by MetaWeb
CVE-2018-19859OpenrefineOpenrefineπΎπ‘EPSS 13%6.5MEDIUM
24 October 2024
12 February 2024
15 September 2023
4 August 2023
17 July 2023
3 January 2019
15 December 2018
5 December 2018
No more vulnerabilities to load.