4 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-47880
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the export- rows command can be used in such a way that it reflects...
USN-7260-1 openrefine vulnerabilities
It was discovered that OpenRefine did not properly handle opening tar files. If a user or application were tricked into opening a crafted tar file, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2023-37476 It was discovered that...
CVE-2024-47880
OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the export-rows command can be used in such a way that it reflects part of the request verbatim, with a Content-Type header also taken from the request. An attacker could lead a user to a malicious page th...
CVE-2024-47880
OpenRefine vulnerable prior to version 3.8.3 to a reflected cross-site scripting issue in the export-rows command. An attacker could lure a user to a malicious page that submits a POST containing embedded JavaScript, which could be echoed in the response along with an attacker-controlled Content-...