3 matches found
CVE-2023-41887 Remote Code exec in project import with mysql jdbc url attack
OpenRefine is a powerful free, open source tool for working with messy data. Prior to version 3.7.5, a remote code execution vulnerability allows any unauthenticated user to execute code on the server. Version 3.7.5 has a patch for this issue...
CVE-2023-41887 Remote Code exec in project import with mysql jdbc url attack
OpenRefine is a powerful free, open source tool for working with messy data. Prior to version 3.7.5, a remote code execution vulnerability allows any unauthenticated user to execute code on the server. Version 3.7.5 has a patch for this issue...
GHSA-QM2H-M799-86RC Apache Linkis JDBC EngineConn has deserialization vulnerability
In Apache Linkis =1.3.1, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in JDBC EngineConn Module will trigger a deserialization vulnerability and eventually lead to remote code execution. Therefore, the parameters in the Mysql JDBC U...