Vulnerabilities > Openrefine > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-24 CVE-2024-47879 Cross-Site Request Forgery (CSRF) vulnerability in Openrefine
OpenRefine is a free, open source tool for working with messy data.
network
low complexity
openrefine CWE-352
8.8
8.8
2024-10-24 CVE-2024-47881 SQL Injection vulnerability in Openrefine
OpenRefine is a free, open source tool for working with messy data.
network
low complexity
openrefine CWE-89
8.8
8.8
2024-02-12 CVE-2024-23833 Incorrect Authorization vulnerability in Openrefine
OpenRefine is a free, open source power tool for working with messy data and improving it.
network
low complexity
openrefine CWE-863
7.5
7.5
2023-09-15 CVE-2023-41886 Unspecified vulnerability in Openrefine
OpenRefine is a powerful free, open source tool for working with messy data.
network
low complexity
openrefine
7.5
7.5
2023-07-17 CVE-2023-37476 Unspecified vulnerability in Openrefine
OpenRefine is a free, open source tool for data processing.
local
low complexity
openrefine
7.8
7.8
2019-01-03 CVE-2019-3580 Path Traversal vulnerability in Openrefine
OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file.
network
low complexity
openrefine CWE-22
7.5
7.5
2018-12-15 CVE-2018-20157 XXE vulnerability in Openrefine
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.
network
low complexity
openrefine CWE-611
7.5
7.5