Описание
OpenRefine is a powerful free, open source tool for working with messy data. Prior to version 3.7.5, an arbitrary file read vulnerability allows any unauthenticated user to read a file on a server. Version 3.7.5 fixes this issue.
Ссылки
- Patch
- ExploitVendor Advisory
- Patch
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.7.5 (исключая)
cpe:2.3:a:openrefine:openrefine:*:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04296
Низкий
7.5 High
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 2 лет назад
OpenRefine is a powerful free, open source tool for working with messy data. Prior to version 3.7.5, an arbitrary file read vulnerability allows any unauthenticated user to read a file on a server. Version 3.7.5 fixes this issue.
CVSS3: 7.5
debian
больше 2 лет назад
OpenRefine is a powerful free, open source tool for working with messy ...
CVSS3: 7.5
github
больше 2 лет назад
OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack
EPSS
Процентиль: 89%
0.04296
Низкий
7.5 High
CVSS3
Дефекты
CWE-89