CVE-2018-19859: Path Traversal
First published: Wed Dec 05 2018(Updated: )
OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Openrefine Openrefine | =1.0 | |
| Openrefine Openrefine | =1.0-a1 | |
| Openrefine Openrefine | =1.0-a2 | |
| Openrefine Openrefine | =1.0-a3 | |
| Openrefine Openrefine | =1.0-a4 | |
| Openrefine Openrefine | =1.0-b1 | |
| Openrefine Openrefine | =1.0.1 | |
| Openrefine Openrefine | =1.0.2 | |
| Openrefine Openrefine | =1.0.3 | |
| Openrefine Openrefine | =1.0.5 | |
| Openrefine Openrefine | =1.0.6 | |
| Openrefine Openrefine | =1.0.7 | |
| Openrefine Openrefine | =1.1 | |
| Openrefine Openrefine | =2.0 | |
| Openrefine Openrefine | =2.1 | |
| Openrefine Openrefine | =2.1-rc1 | |
| Openrefine Openrefine | =2.5 | |
| Openrefine Openrefine | =2.5-rc1 | |
| Openrefine Openrefine | =2.5-rc3 | |
| Openrefine Openrefine | =2.6-alpha1 | |
| Openrefine Openrefine | =2.6-alpha2 | |
| Openrefine Openrefine | =2.6-beta1 | |
| Openrefine Openrefine | =2.6-rc1 | |
| Openrefine Openrefine | =2.6-rc2 | |
| Openrefine Openrefine | =2.7 | |
| Openrefine Openrefine | =2.7-rc1 | |
| Openrefine Openrefine | =2.7-rc2 | |
| Openrefine Openrefine | =2.8 | |
| Openrefine Openrefine | =3.0 | |
| Openrefine Openrefine | =3.0-beta | |
| Openrefine Openrefine | =3.0-rc1 | |
| Openrefine Openrefine | =3.1 | |
| Openrefine Openrefine | =3.1-beta |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-19859?
CVE-2018-19859 is a vulnerability in OpenRefine before version 3.2 beta that allows directory traversal via a relative pathname in a ZIP archive.
How severe is CVE-2018-19859?
CVE-2018-19859 has a severity score of 6.5, which is considered medium.
How can I fix CVE-2018-19859?
To fix CVE-2018-19859, upgrade to OpenRefine version 3.2 beta or later.
Where can I find more information about CVE-2018-19859?
You can find more information about CVE-2018-19859 on the NIST National Vulnerability Database (NVD) website.
What CWE category does CVE-2018-19859 belong to?
CVE-2018-19859 belongs to CWE category 22.
- collector/github-advisory-latest
- alias/GHSA-f6fv-fjg8-4m6w
- alias/CVE-2018-19859
- collector/github-advisory
- collector/nvd-index
- collector/nvd-cve
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/severity
- agent/event
- agent/description
- agent/first-publish-date
- agent/trending
- agent/tags
- agent/source
- package-manager/maven
- vendor/openrefine
- canonical/openrefine openrefine
- version/openrefine openrefine/1.0
- version/openrefine openrefine/1.0-a1
- version/openrefine openrefine/1.0-a2
- version/openrefine openrefine/1.0-a3
- version/openrefine openrefine/1.0-a4
- version/openrefine openrefine/1.0-b1
- version/openrefine openrefine/1.0.1
- version/openrefine openrefine/1.0.2
- version/openrefine openrefine/1.0.3
- version/openrefine openrefine/1.0.5
- version/openrefine openrefine/1.0.6
- version/openrefine openrefine/1.0.7
- version/openrefine openrefine/1.1
- version/openrefine openrefine/2.0
- version/openrefine openrefine/2.1
- version/openrefine openrefine/2.1-rc1
- version/openrefine openrefine/2.5
- version/openrefine openrefine/2.5-rc1
- version/openrefine openrefine/2.5-rc3
- version/openrefine openrefine/2.6-alpha1
- version/openrefine openrefine/2.6-alpha2
- version/openrefine openrefine/2.6-beta1
- version/openrefine openrefine/2.6-rc1
- version/openrefine openrefine/2.6-rc2
- version/openrefine openrefine/2.7
- version/openrefine openrefine/2.7-rc1
- version/openrefine openrefine/2.7-rc2
- version/openrefine openrefine/2.8
- version/openrefine openrefine/3.0
- version/openrefine openrefine/3.0-beta
- version/openrefine openrefine/3.0-rc1
- version/openrefine openrefine/3.1
- version/openrefine openrefine/3.1-beta