Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19859 | 1 Openrefine | 1 Openrefine | 2019-03-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive. | |||||
| CVE-2019-3580 | 1 Openrefine | 1 Openrefine | 2019-01-25 | 5.0 MEDIUM | 7.5 HIGH |
| OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file. | |||||
| CVE-2018-20157 | 1 Openrefine | 1 Openrefine | 2019-01-03 | 5.0 MEDIUM | 7.5 HIGH |
| The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files. | |||||