Описание
OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| openrefine | fixed | 3.6.1-1 | package |
Примечания
https://github.com/ixSly/CVE-2022-41401
https://github.com/OpenRefine/OpenRefine/issues/4918
https://github.com/OpenRefine/OpenRefine/commit/8cb2fec45dd90fda8ed9608c691f6bb8ed721cd2 (3.6-beta1)
EPSS
Связанные уязвимости
OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure.
OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure.
OpenRefine Server-Side Request Forgery vulnerability
EPSS