← Back

Charles

charles

Vendor: Charlesproxy • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-19244
1Charlesproxy
1Charles
Nov 21, 2024
Nov 13, 2018
N/A· v4
8.6 HIGH· v3
5.0 MEDIUM· v2
An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may...Show more
An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked.Show less
CVE-2017-15358
1Charlesproxy
1Charles
Nov 21, 2024
Aug 3, 2018
N/A· v4
7.0 HIGH· v3
6.9 MEDIUM· v2
Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local users to gain privileges via vectors involving the --self-repair option.