CVE-2023-41887: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

September 12, 2023

Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) in org.openrefine:database.

References

github.com/OpenRefine/OpenRefine/commit/693fde606d4b5b78b16391c29d110389eb605511
github.com/OpenRefine/OpenRefine/security/advisories/GHSA-p3r5-x3hr-gpg5
github.com/advisories/GHSA-p3r5-x3hr-gpg5

Detect and mitigate CVE-2023-41887 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →