Lucene search
K

5 matches found

OSV
OSV
added 2025/02/10 3:32 a.m.3 views

USN-7260-1 openrefine vulnerabilities

It was discovered that OpenRefine did not properly handle opening tar files. If a user or application were tricked into opening a crafted tar file, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2023-37476 It was discovered that...

9.8CVSS5.7AI score0.45473EPSS
Exploits8References11
UbuntuCve
UbuntuCve
added 2024/02/12 9:15 p.m.15 views

CVE-2024-23833

OpenRefine is a free, open source power tool for working with messy data and improving it. A jdbc attack vulnerability exists in OpenRefineversion=3.7.7 where an attacker may construct a JDBC query which may read files on the host filesystem. Due to the newer MySQL driver library in the latest...

7.5CVSS7AI score0.00991EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/02/12 8:15 p.m.6 views

CVE-2024-23833 OpenRefine JDBC Attack Vulnerability

OpenRefine is a free, open source power tool for working with messy data and improving it. A jdbc attack vulnerability exists in OpenRefineversion=3.7.7 where an attacker may construct a JDBC query which may read files on the host filesystem. Due to the newer MySQL driver library in the latest...

7.5CVSS7.7AI score0.00991EPSS
Exploits1References2
CVE
CVE
added 2024/02/12 8:15 p.m.104 views

CVE-2024-23833

CVE-2024-23833 affects OpenRefine up to version 3.7.7, where a JDBC query could be constructed to read files from the host filesystem. The issue arises from deserialization-related behavior with the MySQL driver, and although the newer driver (in OpenRefine 8.0.30) eliminates the deserialization ...

7.5CVSS7.6AI score0.00991EPSS
Exploits1References2Affected Software1
Circl
Circl
added 2024/02/11 5:9 p.m.7 views

CVE-2024-23833

creationtimestamp| type| source ---|---|--- 2024-02-11 17:09:37+00:00| published-proof-of-concept| https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-6p92-qfqf-qwx4 2024-02-12 22:31:27+00:00| seen| https://t.me/ctinow/183437 2024-03-03 15:51:55+00:00| seen| https://t.me/ctinow/1987...

7.5CVSS7.1AI score0.00991EPSS
Exploits1References3
Rows per page
Query Builder