Vulnerabilities > CVE-2023-41887 - Unspecified vulnerability in Openrefine
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
OpenRefine is a powerful free, open source tool for working with messy data. Prior to version 3.7.5, a remote code execution vulnerability allows any unauthenticated user to execute code on the server. Version 3.7.5 has a patch for this issue.
Vulnerable Configurations
References
- https://github.com/OpenRefine/OpenRefine/commit/693fde606d4b5b78b16391c29d110389eb605511
- https://github.com/OpenRefine/OpenRefine/commit/693fde606d4b5b78b16391c29d110389eb605511
- https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-p3r5-x3hr-gpg5
- https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-p3r5-x3hr-gpg5