all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Zip Slip Vulnerability Let Attacker Import Malicious Code and Execute Arbitrary Code

Add to bookmarks
Oct. 3, 2023, 9:03 a.m. | Guru Baran

GBHackers On Security gbhackers.com

A critical Zip Slip vulnerability was discovered in the open-source data cleaning and transformation tool ‘OpenRefine’, which allowed attackers to import malicious code and execute arbitrary code. OpenRefine is a strong Java-based, free, open-source tool for handling messy data. This includes cleaning it, converting it into a different format, and expanding it with web services and external data. According to SonarCloud, […]


The post Zip Slip Vulnerability Let Attacker Import Malicious Code and Execute Arbitrary Code appeared first on GBHackers …

arbitrary code attacker attackers cleaning code critical cyber-attack data data cleaning free handling import java malicious malware openrefine source data tool transformation vulnerability zip

Visit resource

More from gbhackers.com / GBHackers On Security

NETGEAR buffer Overflow Vulnerability Let Attackers Bypass Authentication 23 hours ago | gbhackers.com
1.0.6 address attacker attackers +30
5000+ CrushFTP Servers Hacked Using Zero-Day Exploit 1 day, 1 hour ago | gbhackers.com
access attacks can crushftp +30
13,142,840 DDoS Attacks Targeted Organization Around The Globe 1 day, 1 hour ago | gbhackers.com
attacks block can crash +16
Hackers Exploit Old Microsoft Office 0-day to Deliver Cobalt Strike 1 day, 2 hours ago | gbhackers.com
attack beacon cobalt cobalt strike +17
Microsoft Publicly Releases MS-DOS 4.0 Source Code 1 day, 5 hours ago | gbhackers.com
code computing cyber-attack cyber security +16
New SSLoad Malware Combined With Tools Hijacking Entire Network Domain 1 day, 5 hours ago | gbhackers.com
addition attack campaign cobalt +24
Palo Alto Networks Shares Remediation Advice for Hacked Firewalls 1 day, 6 hours ago | gbhackers.com
access advice alto breach +26
Analyze Malicious Powershell Scripts by Running Malware in ANY.RUN Sandbox 1 day, 19 hours ago | gbhackers.com
access antivirus any.run attackers +32
Beware! Zero-click RCE Exploit for iMessage Circulating on Hacker Forums 1 day, 23 hours ago | gbhackers.com
apple click code code execution +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Open-Source Intelligence (OSINT) Policy Analyst (TS/SCI)

@ WWC Global | Reston, Virginia, United States
View on infosec-jobs.com

Security Architect (DevSecOps)

@ EUROPEAN DYNAMICS | Brussels, Brussels, Belgium
View on infosec-jobs.com

Infrastructure Security Architect

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Contract Penetration Tester

@ Evolve Security | United States - Remote
View on infosec-jobs.com

Senior Penetration Tester

@ DigitalOcean | Canada
View on infosec-jobs.com
View more jobs