Filtered by vendor Untangle Project
Subscriptions
Filtered by product Untangle
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-33977 | 1 Untangle Project | 1 Untangle | 2024-11-21 | 7.5 High |
untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service (DoS) condition on the server where the product is running. | ||||
CVE-2022-31471 | 1 Untangle Project | 1 Untangle | 2024-11-21 | 7.5 High |
untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files. |
Page 1 of 1.