← Back

Untangle

untangle

Vendor: Untangle Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-33977
1Untangle Project
1Untangle
Nov 21, 2024
Jul 26, 2022
N/A· v4
7.5 HIGH· v3
N/A· v2
untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated...Show more
untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service (DoS) condition on the server where the product is running.Show less
CVE-2022-31471
1Untangle Project
1Untangle
Nov 21, 2024
Jul 26, 2022
N/A· v4
7.5 HIGH· v3
N/A· v2
untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated atta...Show more
untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files.Show less