VYPR
Moderate severity · NVD Advisory · Published Jul 17, 2023 · Updated Jun 10, 2025

Zip slip in OpenRefine

CVE-2023-37476

Description

OpenRefine is a free, open source tool for data processing. A carefully crafted malicious OpenRefine project tar file can be used to trigger arbitrary code execution in the context of the OpenRefine process if a user can be convinced to import it. The vulnerability exists in all versions of OpenRefine up to and including 3.7.3. Users should update to OpenRefine 3.7.4 as soon as possible. Users unable to upgrade should only import OpenRefine projects from trusted sources.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

OpenRefine up to 3.7.3 contains a Zip Slip vulnerability in project import that allows arbitrary file overwrite and remote code execution via a malicious tar file.

Vulnerability

Overview

OpenRefine, an open-source data cleaning tool, contains a critical Zip Slip vulnerability (CVE-2023-37476) in its project import functionality. The flaw exists in all versions up to and including 3.7.3. When a user imports a specially crafted OpenRefine project tar file, the archive extraction process fails to validate entry filenames for path traversal sequences (such as ../), allowing an attacker to overwrite arbitrary files on the system [1][2].

Exploitation

Method

The vulnerability is triggered by convincing a user to import a malicious project file. Since OpenRefine runs as a Java application with a web interface, an attacker can craft a tar archive containing entries with filenames like ../../path/to/existing.jar or other executable artifacts. During extraction, these files are written outside the intended project directory, potentially overwriting libraries, configuration files, or startup scripts [1]. No authentication is required beyond the user's action of importing the file; the attack surface is the import dialog, available to anyone with access to the OpenRefine web interface.

Impact

Successful exploitation enables arbitrary code execution in the context of the OpenRefine process. An attacker can overwrite a Java class or library that gets loaded on the next restart or on-the-fly, leading to full remote code execution on the victim machine. The impact is high: confidentiality, integrity, and availability are all at risk [2].

Mitigation

The vulnerability is patched in OpenRefine version 3.7.4 [2][3]. Users should update immediately. For those unable to upgrade, the only workaround is to import projects exclusively from trusted sources and avoid opening untrusted .tar or .zip files [2]. The fix involves canonical path validation during archive extraction, a standard mitigation for the Zip Slip vulnerability class [1].
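The canonical path validation described above, as an added example that is not OpenRefine's code: it isolates the check the 3.7.4 fix performs on each tar entry and runs it against constructed entry names, beside a string-prefix check to show why a component-wise Path comparison is used. The class name, the `workspace/dest` root and the entry names are constructed, and the run assumes a POSIX path layout.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.List;

/** Added example, not OpenRefine code: the canonical path check the 3.7.4 fix performs per tar entry. */
public final class ArchiveEntryCheck {

    /** Weak check: a string prefix accepts a sibling directory such as "dest2" for root "dest". */
    static boolean insideByStringPrefix(Path destDir, String entryName) {
        String root = destDir.toAbsolutePath().normalize().toString();
        String target = destDir.toAbsolutePath().resolve(entryName).normalize().toString();
        return target.startsWith(root);
    }

    /**
     * Hardened check, as in the fix: normalize both sides and compare component-wise with
     * Path.startsWith, so "../x", sibling directories and absolute entry names (which
     * resolve() keeps as-is) are all rejected before anything is written.
     */
    static Path resolveInside(Path destDir, String entryName) {
        Path root = destDir.toAbsolutePath().normalize();
        Path target = root.resolve(entryName).normalize();
        if (!target.startsWith(root)) {
            throw new IllegalArgumentException(
                    "Archive entries escaping their root directory are not allowed: " + entryName);
        }
        return target;
    }

    public static void main(String[] args) {
        Path dest = Paths.get("workspace", "dest");
        // Constructed entry names: one benign, then the shapes a zip-slip archive carries.
        List<String> entries = List.of(
                "project/data.txt",
                "../dest2/file.txt",
                "../../path/to/existing.jar",
                "/tmp/absolute.txt");
        for (String name : entries) {
            String strict;
            try {
                strict = "accepted -> " + resolveInside(dest, name);
            } catch (IllegalArgumentException e) {
                strict = "rejected";
            }
            System.out.printf("%-28s string-prefix=%-5b path-check=%s%n",
                    name, insideByStringPrefix(dest, name), strict);
        }
    }
}
```

Only the first entry passes the path check; the sibling entry `../dest2/file.txt` is the case the string-prefix check wrongly accepts.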

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: org.openrefine:main (Maven)
Affected versions: < 3.7.4
Patched versions: 3.7.4

Affected products: 2

Patches: 1
e9c1e65d58b4

Merge pull request from GHSA-m88m-crr9-jvqq

https://github.com/OpenRefine/OpenRefine · Antonin Delpeuch · Jul 17, 2023 · via ghsa
3 files changed · +18 −0
  • main/src/com/google/refine/io/FileProjectManager.java · +3 −0 · modified
    @@ -169,6 +169,9 @@ protected void untar(File destDir, InputStream inputStream) throws IOException {
     
             while ((tarEntry = tin.getNextTarEntry()) != null) {
                 File destEntry = new File(destDir, tarEntry.getName());
    +            if (!destEntry.toPath().normalize().startsWith(destDir.toPath().normalize())) {
    +                throw new IllegalArgumentException("Zip archives with files escaping their root directory are not allowed.");
    +            }
                 File parent = destEntry.getParentFile();
     
                 if (!parent.exists()) {
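Review bot: the exception message on the added throw ("Zip archives with files escaping their root directory are not allowed.") says "Zip archives" inside `untar`, where entries come from `tin.getNextTarEntry()`; consider "Archive entries escaping their root directory are not allowed" so that the import failure is described accurately in logs and bug reports. The check itself is the right shape: `Path.startsWith` compares whole path components, so a sibling such as `dest2` is not accepted as a prefix of `dest`, `normalize()` on both sides folds `..` segments before the comparison, and the guard runs before `destEntry.getParentFile()` is used, so no parent directory is created for an escaping entry.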
    
  • main/tests/data/zip-slip.tar · +0 −0 · added
  • main/tests/server/src/com/google/refine/io/FileProjectManagerTests.java · +15 −0 · modified
    @@ -150,4 +150,19 @@ public void metaFileUpdateTest() throws GetProjectIDException, InterruptedExcept
             assertEquals(timeBeforeB, timeAfterB);
             assertNotEquals(timeBeforeA, timeAfterA);
         }
    +
    +    @Test
    +    public void testUntarZipSlip() throws IOException {
    +        FileProjectManager manager = new FileProjectManagerStub(workspaceDir);
    +
    +        File tempDir = TestUtils.createTempDirectory("openrefine-project-import-zip-slip-test");
    +        try {
    +            File subDir = new File(tempDir, "dest");
    +            InputStream stream = FileProjectManagerTests.class.getClassLoader().getResourceAsStream("zip-slip.tar");
    +
    +            assertThrows(IllegalArgumentException.class, () -> manager.untar(subDir, stream));
    +        } finally {
    +            tempDir.delete();
    +        }
    +    }
     }
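Review bot: the `InputStream` opened by `getResourceAsStream("zip-slip.tar")` is never closed, and `tempDir.delete()` in the `finally` only removes an empty directory, so if `untar` creates `dest` or writes any entry before the exception, the temp directory leaks between test runs; wrap the stream in try-with-resources and delete recursively, or assert that `tempDir` is still empty afterwards, which also verifies that no partial extraction happened before the guard fired. It would also help to assert that `subDir` does not exist after the call, so the test distinguishes the new guard from an unrelated `IllegalArgumentException`.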
    

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References: 6

News mentions: 0

No linked articles in our index yet.