Search for packages
| purl | pkg:pypi/untangle@1.2.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9y5d-u3us-uuc4
Aliases: CVE-2022-31471 GHSA-f83q-2cp7-qrjg PYSEC-2022-244 |
untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files. |
Affected by 0 other vulnerabilities. |
|
VCID-bnwk-w5a8-8fe4
Aliases: CVE-2022-33977 GHSA-7xr3-6ggc-wc9p PYSEC-2022-243 |
untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service (DoS) condition on the server where the product is running. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T19:00:17.121468+00:00 | GHSA Importer | Affected by | VCID-bnwk-w5a8-8fe4 | https://github.com/advisories/GHSA-7xr3-6ggc-wc9p | 38.6.0 |
| 2026-06-04T19:00:17.058163+00:00 | GHSA Importer | Affected by | VCID-9y5d-u3us-uuc4 | https://github.com/advisories/GHSA-f83q-2cp7-qrjg | 38.6.0 |
| 2026-06-02T04:17:31.288869+00:00 | Pypa Importer | Affected by | VCID-bnwk-w5a8-8fe4 | https://github.com/pypa/advisory-database/blob/main/vulns/untangle/PYSEC-2022-243.yaml | 38.6.0 |
| 2026-06-02T04:17:31.235014+00:00 | Pypa Importer | Affected by | VCID-9y5d-u3us-uuc4 | https://github.com/pypa/advisory-database/blob/main/vulns/untangle/PYSEC-2022-244.yaml | 38.6.0 |