pkg:Debian/openrefine

11 total CVEsCRITICAL1HIGH7MEDIUM3

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2023-41887OpenRefine Remote Code execution in project import with mysql jdbc url attack
    from 0, < 3.6.2-2+deb12u2
  • HIGH8.1CVE-2024-47881OpenRefine's SQLite integration allows filesystem access, remote code execution (RCE)
    from 0, < 3.6.2-2+deb12u3
  • HIGH8.1CVE-2024-47880OpenRefine has a reflected cross-site scripting vulnerability (XSS) from POST request in ExportRowsCommand
    from 0, < 3.6.2-2+deb12u3
  • HIGH8.1CVE-2024-47878OpenRefine has a reflected cross-site scripting vulnerability (XSS) in GData extension (authorized.vt)
    from 0, < 3.6.2-2+deb12u3
  • HIGH7.6CVE-2024-47879OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
    from 0
  • HIGH7.5CVE-2023-41886OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack
    from 0, < 3.6.2-2+deb12u2
  • HIGH7.3CVE-2024-23833OpenRefine JDBC Attack Vulnerability
    from 0, < 3.6.2-2+deb12u3
  • HIGH7.1CVE-2024-49760OpenRefine has a path traversal in LoadLanguageCommand
    from 0, < 3.6.2-2+deb12u3
  • MEDIUM6.5CVE-2022-41401OpenRefine Server-Side Request Forgery vulnerability
    from 0, < 3.6.1-1
  • MEDIUM5.9CVE-2024-47882OpenRefine's error page lacks escaping, leading to potential Cross-site Scripting on import of malicious project
    from 0, < 3.6.2-2+deb12u3
  • MEDIUM5.5CVE-2023-37476OpenRefine vulnerable to zip slip in project import
    from 0, < 3.6.2-2+deb12u1