Lucene search
+L

5 matches found

osv
osv
added 2022/08/06 5:30 a.m.69 views

GHSA-F83Q-2CP7-QRJG untangle vulnerable to Improper Restriction of XML External Entity Reference

Description untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files. Impact An attacker may...

8.7CVSS7.3AI score0.01336EPSS
Exploits0References6
github
github
added 2022/08/06 5:30 a.m.24 views

untangle vulnerable to Improper Restriction of XML External Entity Reference

Description untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files. Impact An attacker may...

7.5CVSS7.2AI score0.01336EPSS
Exploits0References6Affected Software1
nvd
nvd
added 2022/07/26 6:15 a.m.40 views

CVE-2022-33977

untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service DoS condition on the server where the...

7.5CVSS0.01396EPSS
Exploits0References3
debiancve
debiancve
added 2022/07/26 5:10 a.m.32 views

CVE-2022-33977

untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service DoS condition on the server where the...

7.5CVSS7.5AI score0.01396EPSS
Exploits0
osv
osv
added 2022/07/26 5:10 a.m.21 views

CVE-2022-31471

untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files...

7.5CVSS7.4AI score0.01336EPSS
Exploits0References5
Rows per page
Query Builder