CVE-2022-31471

Description

untangle is a Python library that converts XML data to Python objects. untangle versions 1.2.0 and earlier improperly restrict XML external entity (XXE) references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files.

References

Third Party Advisory
Product, Third Party Advisory
Release Notes, Third Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics