CVE-2018-19859

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-19859
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-19859.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-19859
Aliases
Published
2018-12-05T11:29:05Z
Modified
2024-10-12T03:24:51.845967Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive.

References

Affected packages

Git / github.com/openrefine/openrefine

Affected versions

1.*

1.1

2.*

2.6-alpha.2
2.6-alpha1
2.6-beta.1
2.6-rc.2
2.7
2.7-rc.1
2.7-rc.2

v2.*

v2.6-rc1