5 matches found
CVE-2024-47883
The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the java.net.URL class to refer to what are expected to be local resource files, like images or templates. This works: "opening a connection" to these URLs opens the local...
CVE-2024-47883 Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the java.net.URL class to refer to what are expected to be local resource files, like images or templates. This works: "opening a connection" to these URLs opens the local...
CVE-2024-47883 Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the java.net.URL class to refer to what are expected to be local resource files, like images or templates. This works: "opening a connection" to these URLs opens the local...
CVE-2024-47883
The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the java.net.URL class to refer to what are expected to be local resource files, like images or templates. This works: "opening a connection" to these URLs opens the local...
CVE-2024-47883
CVE-2024-47883 affects the OpenRefine fork of the MIT Simile Butterfly server. The Butterfly framework uses java.net.URL to load local resources (images/templates). Before version 1.2.6, if a file:/ URL is supplied where a relative resource name is expected, some code paths accept it and fetch th...