RSS   Podatności dla 'Openrefine'   RSS

2019-01-02
 
CVE-2019-3580

CWE-22
 

 
OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file.

 
2018-12-14
 
CVE-2018-20157

CWE-611
 

 
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.

 
2018-12-05
 
CVE-2018-19859

CWE-22
 

 
OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive.

 


Copyright 2024, cxsecurity.com

 

Back to Top