CVE-2018-19859 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2018-19859

Analyzed

More Info Official Page

Source-cve@mitre.org

Published At-05 Dec, 2018 | 11:29

Updated At-28 Mar, 2019 | 20:04

OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	6.5	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Primary	2.0	4.0	MEDIUM	AV:N/AC:L/Au:S/C:N/I:P/A:N

CPE Matches

openrefine>>openrefine>>1.0

cpe:2.3:a:openrefine:openrefine:1.0:*:*:*:*:*:*:*

openrefine>>openrefine>>1.0

cpe:2.3:a:openrefine:openrefine:1.0:a1:*:*:*:*:*:*

openrefine>>openrefine>>1.0

cpe:2.3:a:openrefine:openrefine:1.0:a2:*:*:*:*:*:*

openrefine>>openrefine>>1.0

cpe:2.3:a:openrefine:openrefine:1.0:a3:*:*:*:*:*:*

openrefine>>openrefine>>1.0

cpe:2.3:a:openrefine:openrefine:1.0:a4:*:*:*:*:*:*

openrefine>>openrefine>>1.0

cpe:2.3:a:openrefine:openrefine:1.0:b1:*:*:*:*:*:*

openrefine>>openrefine>>1.0.1

cpe:2.3:a:openrefine:openrefine:1.0.1:*:*:*:*:*:*:*

openrefine>>openrefine>>1.0.2

cpe:2.3:a:openrefine:openrefine:1.0.2:*:*:*:*:*:*:*

openrefine>>openrefine>>1.0.3

cpe:2.3:a:openrefine:openrefine:1.0.3:*:*:*:*:*:*:*

openrefine>>openrefine>>1.0.5

cpe:2.3:a:openrefine:openrefine:1.0.5:*:*:*:*:*:*:*

openrefine>>openrefine>>1.0.6

cpe:2.3:a:openrefine:openrefine:1.0.6:*:*:*:*:*:*:*

openrefine>>openrefine>>1.0.7

cpe:2.3:a:openrefine:openrefine:1.0.7:*:*:*:*:*:*:*

openrefine>>openrefine>>1.1

cpe:2.3:a:openrefine:openrefine:1.1:*:*:*:*:*:*:*

openrefine>>openrefine>>2.0

cpe:2.3:a:openrefine:openrefine:2.0:*:*:*:*:*:*:*

openrefine>>openrefine>>2.1

cpe:2.3:a:openrefine:openrefine:2.1:*:*:*:*:*:*:*

openrefine>>openrefine>>2.1

cpe:2.3:a:openrefine:openrefine:2.1:rc1:*:*:*:*:*:*

openrefine>>openrefine>>2.5

cpe:2.3:a:openrefine:openrefine:2.5:*:*:*:*:*:*:*

openrefine>>openrefine>>2.5

cpe:2.3:a:openrefine:openrefine:2.5:rc1:*:*:*:*:*:*

openrefine>>openrefine>>2.5

cpe:2.3:a:openrefine:openrefine:2.5:rc3:*:*:*:*:*:*

openrefine>>openrefine>>2.6

cpe:2.3:a:openrefine:openrefine:2.6:alpha1:*:*:*:*:*:*

openrefine>>openrefine>>2.6

cpe:2.3:a:openrefine:openrefine:2.6:alpha2:*:*:*:*:*:*

openrefine>>openrefine>>2.6

cpe:2.3:a:openrefine:openrefine:2.6:beta1:*:*:*:*:*:*

openrefine>>openrefine>>2.6

cpe:2.3:a:openrefine:openrefine:2.6:rc1:*:*:*:*:*:*

openrefine>>openrefine>>2.6

cpe:2.3:a:openrefine:openrefine:2.6:rc2:*:*:*:*:*:*

openrefine>>openrefine>>2.7

cpe:2.3:a:openrefine:openrefine:2.7:*:*:*:*:*:*:*

openrefine>>openrefine>>2.7

cpe:2.3:a:openrefine:openrefine:2.7:rc1:*:*:*:*:*:*

openrefine>>openrefine>>2.7

cpe:2.3:a:openrefine:openrefine:2.7:rc2:*:*:*:*:*:*

openrefine>>openrefine>>2.8

cpe:2.3:a:openrefine:openrefine:2.8:*:*:*:*:*:*:*

openrefine>>openrefine>>3.0

cpe:2.3:a:openrefine:openrefine:3.0:*:*:*:*:*:*:*

openrefine>>openrefine>>3.0

cpe:2.3:a:openrefine:openrefine:3.0:beta:*:*:*:*:*:*

openrefine>>openrefine>>3.0

cpe:2.3:a:openrefine:openrefine:3.0:rc1:*:*:*:*:*:*

openrefine>>openrefine>>3.1

cpe:2.3:a:openrefine:openrefine:3.1:*:*:*:*:*:*:*

openrefine>>openrefine>>3.1

cpe:2.3:a:openrefine:openrefine:3.1:beta:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-22	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
https://github.com/OpenRefine/OpenRefine/issues/1840	cve@mitre.org	Exploit Third Party Advisory
https://github.com/OpenRefine/OpenRefine/pull/1901	cve@mitre.org	Third Party Advisory