Vulnerabilities (CVE)

Filtered by vendor Charlesproxy Subscribe
Filtered by product Charles
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-19244 1 Charlesproxy 1 Charles 2024-11-21 5.0 MEDIUM 8.6 HIGH
An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked.
CVE-2017-15358 1 Charlesproxy 1 Charles 2024-11-21 6.9 MEDIUM 7.0 HIGH
Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local users to gain privileges via vectors involving the --self-repair option.