Lucene search
+L

4 matches found

OSV
OSV
added 2025/02/10 3:32 a.m.3 views

USN-7260-1 openrefine vulnerabilities

It was discovered that OpenRefine did not properly handle opening tar files. If a user or application were tricked into opening a crafted tar file, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2023-37476 It was discovered that...

9.8CVSS5.7AI score0.45473EPSS
Exploits8References11
UbuntuCve
UbuntuCve
added 2024/02/12 9:15 p.m.18 views

CVE-2024-23833

OpenRefine is a free, open source power tool for working with messy data and improving it. A jdbc attack vulnerability exists in OpenRefineversion=3.7.7 where an attacker may construct a JDBC query which may read files on the host filesystem. Due to the newer MySQL driver library in the latest...

7.5CVSS7AI score0.00991EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/02/12 8:15 p.m.6 views

CVE-2024-23833 OpenRefine JDBC Attack Vulnerability

OpenRefine is a free, open source power tool for working with messy data and improving it. A jdbc attack vulnerability exists in OpenRefineversion=3.7.7 where an attacker may construct a JDBC query which may read files on the host filesystem. Due to the newer MySQL driver library in the latest...

7.5CVSS7.7AI score0.00991EPSS
Exploits1References2
CVE
CVE
added 2024/02/12 8:15 p.m.108 views

CVE-2024-23833

CVE-2024-23833 affects OpenRefine up to version 3.7.7, where a JDBC query could be constructed to read files from the host filesystem. The issue arises from deserialization-related behavior with the MySQL driver, and although the newer driver (in OpenRefine 8.0.30) eliminates the deserialization ...

7.5CVSS7.6AI score0.00991EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder