Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-31471 | 1 Untangle Project | 1 Untangle | 2024-02-28 | N/A | 7.5 HIGH |
untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files. | |||||
CVE-2022-33977 | 1 Untangle Project | 1 Untangle | 2024-02-28 | N/A | 7.5 HIGH |
untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service (DoS) condition on the server where the product is running. |