openrefine Latest High & Critical Vulnerabilities

Latest High & Critical vulnerabilities published by openrefine

JSON RSS CSV 🔔 Create Alert Trigger

24 October 2024

OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
CVE-2024-47879
OpenrefineOpenrefine8.8HIGH
OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)
CVE-2024-47881
OpenrefineOpenrefine8.8HIGH
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
CVE-2024-47883
OpenrefineSimile-butterfly9.1CRITICAL

12 February 2024

JDBC Attack Vulnerability in OpenRefine (versions <= 3.7.7)
CVE-2024-23833
OpenrefineOpenrefine7.5HIGH

15 September 2023

17 July 2023

Zip slip in OpenRefine
CVE-2023-37476
OpenrefineOpenrefine7.8HIGH

3 January 2019

Directory Traversal Vulnerability in OpenRefine by Google
CVE-2019-3580
OpenrefineOpenrefine7.5HIGH

15 December 2018

XML External Entity Vulnerability in OpenRefine by OpenRefine
CVE-2018-20157
OpenrefineOpenrefine7.5HIGH