Vulnerability Database
Blog
FAQ
Docs
CVE-2018-19859
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-19859
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-19859.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-19859
Aliases
GHSA-f6fv-fjg8-4m6w
Published
2018-12-05T11:29:05Z
Modified
2024-10-12T03:24:51.845967Z
Severity
6.5 (Medium)
CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVSS Calculator
Summary
[none]
Details
OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive.
References
https://github.com/OpenRefine/OpenRefine/issues/1840
https://github.com/OpenRefine/OpenRefine/pull/1901
Affected packages
Git
/
github.com/openrefine/openrefine
Affected ranges
Type
GIT
Repo
https://github.com/openrefine/openrefine
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Last affected
06f2c6cdf4f863968f5ddd56f03563aba9ca3409
Last affected
208024c114a7a10e9a370daa787f77612b26b9ad
Last affected
21ad35f4b2dfd57d1840f7377e407a1252fe8118
Last affected
3ad7d9e19d7a006101979e70fdae58fa7a4110ab
Last affected
45d2d85f3d82a8ad3cbddcd1443c32f04db6bfa0
Last affected
511a1dae8911fce6ff68bb2a46b4bb75320c060d
Last affected
523bdf463b59eac2ee18c69b97c96b5c8f065584
Last affected
54e976a7f5aaaf02f79fe592090ea10b67ddb8db
Last affected
709ccecb42736666800a27e0b012608bf7ad00eb
Last affected
74d599a0da5f2a086f9b531918a8794cbd519993
Last affected
76430bd6bd374fc11d99c74c36e59513f94a0b6b
Last affected
7ea85982b5e3c56cb4874a52a7f5e5455d925df1
Last affected
8dc8e294f71fd4d2216726a93b8f52341508a9fd
Last affected
b90e413b404e6ca7e2b3351db773fe189c1a2a65
Last affected
cc16e9664d55afc7175c41b9893b3bf2fd66c69d
Last affected
d7aef8a5a52b419415c14d2405005cfbd4919c3b
Last affected
e056f13d63eb4e0ff95c1fdb10c628a9816e015b
Last affected
e1b1074922fe2d037fadb633f45304ebda89ea9d
Last affected
e4b18fbf269d700cf2ee6996644c1b0230ef4b77
Last affected
f4ff22734071d0d3ecc01451ff96409b72cc6d8d
Last affected
f9c81adf9d5059f6bd37c97b2c86c5ae8cbee931
Last affected
f9f4fc695c785ba716210e9b1a488a46b2b8d8c2
Last affected
ffbc6879ce63c1a679288eaf2e02314a41661d3a
Affected versions
1.*
1.1
2.*
2.6-alpha.2
2.6-alpha1
2.6-beta.1
2.6-rc.2
2.7
2.7-rc.1
2.7-rc.2
v2.*
v2.6-rc1
CVE-2018-19859 - OSV