Untangle Project

untangle_project

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Untangle

untangle

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-33977 1Untangle Project 1Untangle Nov 21, 2024 Jul 26, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated...Show more untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service (DoS) condition on the server where the product is running.Show less
CVE-2022-31471 1Untangle Project 1Untangle Nov 21, 2024 Jul 26, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated atta...Show more untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-33977

1Untangle Project

1Untangle

Nov 21, 2024

Jul 26, 2022

N/A· v4

7.5 HIGH· v3

N/A· v2

untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated...Show more

CVE-2022-31471