Skip to main content

Openrefine

13 CVEs product

Monthly

CVE-2024-49760 Maven MEDIUM PATCH This Month

OpenRefine is a free, open source tool for working with messy data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Openrefine
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-47882 Maven MEDIUM POC PATCH This Month

OpenRefine is a free, open source tool for working with messy data. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Openrefine
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-47881 Maven HIGH POC PATCH This Week

OpenRefine is a free, open source tool for working with messy data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi RCE Openrefine
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-47880 Maven MEDIUM POC PATCH This Month

OpenRefine is a free, open source tool for working with messy data. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

XSS Openrefine
NVD GitHub
CVSS 3.1
6.9
EPSS
0.4%
CVE-2024-47879 Maven HIGH POC PATCH This Week

OpenRefine is a free, open source tool for working with messy data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection CSRF Python RCE Openrefine
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-47878 Maven MEDIUM POC PATCH This Month

OpenRefine is a free, open source tool for working with messy data. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Openrefine
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-23833 Maven HIGH POC PATCH This Week

OpenRefine is a free, open source power tool for working with messy data and improving it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization RCE Path Traversal Openrefine
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-41887 Maven CRITICAL POC PATCH THREAT Act Now

OpenRefine is a powerful free, open source tool for working with messy data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE SQLi Openrefine
NVD GitHub
CVSS 3.1
9.8
EPSS
45.5%
CVE-2023-41886 Maven HIGH POC PATCH This Week

OpenRefine is a powerful free, open source tool for working with messy data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Openrefine
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-37476 Maven HIGH PATCH This Week

OpenRefine is a free, open source tool for data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal Openrefine
NVD GitHub
CVSS 3.1
7.8
EPSS
0.6%
CVE-2019-3580 HIGH POC This Week

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Openrefine
NVD GitHub
CVSS 3.0
7.5
EPSS
1.9%
CVE-2018-20157 HIGH POC This Week

The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Openrefine
NVD GitHub
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-19859 Maven MEDIUM POC PATCH This Month

OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Openrefine
NVD GitHub
CVSS 3.0
6.5
EPSS
2.5%
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

OpenRefine is a free, open source tool for working with messy data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Openrefine
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

OpenRefine is a free, open source tool for working with messy data. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Openrefine
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

OpenRefine is a free, open source tool for working with messy data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi RCE Openrefine
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM POC PATCH This Month

OpenRefine is a free, open source tool for working with messy data. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

XSS Openrefine
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

OpenRefine is a free, open source tool for working with messy data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection CSRF Python +2
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

OpenRefine is a free, open source tool for working with messy data. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Openrefine
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

OpenRefine is a free, open source power tool for working with messy data and improving it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization RCE Path Traversal +1
NVD GitHub
EPSS 45% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

OpenRefine is a powerful free, open source tool for working with messy data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE SQLi Openrefine
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

OpenRefine is a powerful free, open source tool for working with messy data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Openrefine
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

OpenRefine is a free, open source tool for data processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal Openrefine
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Openrefine
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Openrefine
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC PATCH This Month

OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Openrefine
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy