📦 Openrefine

CVE-2023-41887 is a critical remote code execution vulnerability in OpenRefine that allows unauthenticated attackers to execute arbitrary code on the server. This affects all OpenRefine instances prio...

OpenRefine versions before 3.8.3 contain a path traversal vulnerability in the load-language command that allows attackers to read arbitrary JSON files on the file system. This affects all users runni...

OpenRefine versions before 3.8.3 lack CSRF protection on the preview-expression command, allowing malicious websites to execute attacker-controlled Clojure or Python code. This affects users running v...

This vulnerability in OpenRefine's database extension allows attackers to load arbitrary SQLite extension DLLs, potentially leading to remote code execution on the server. Attackers need network acces...

OpenRefine versions up to 3.7.7 contain a JDBC attack vulnerability that allows attackers to read arbitrary files on the host filesystem. This occurs when attackers can construct malicious JDBC querie...

CVE-2023-41886 is an arbitrary file read vulnerability in OpenRefine that allows unauthenticated attackers to read any file on the server filesystem. This affects all OpenRefine instances prior to ver...