Vulnerabilities > Openrefine
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-04 | CVE-2022-41401 | Server-Side Request Forgery (SSRF) vulnerability in Openrefine OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure. | 6.5 |
| 2023-07-17 | CVE-2023-37476 | Unspecified vulnerability in Openrefine OpenRefine is a free, open source tool for data processing. | 7.8 |
| 2019-01-03 | CVE-2019-3580 | Path Traversal vulnerability in Openrefine OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file. | 7.5 |
| 2018-12-15 | CVE-2018-20157 | XXE vulnerability in Openrefine The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files. | 7.5 |
| 2018-12-05 | CVE-2018-19859 | Path Traversal vulnerability in Openrefine OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive. | 6.5 |