VulnerableCode Package Details - pkg:pypi/untangle@1.2.1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9y5d-u3us-uuc4	untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files.	CVE-2022-31471 GHSA-f83q-2cp7-qrjg PYSEC-2022-244
VCID-bnwk-w5a8-8fe4	untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service (DoS) condition on the server where the product is running.	CVE-2022-33977 GHSA-7xr3-6ggc-wc9p PYSEC-2022-243

Vulnerability

Summary

Aliases

VCID-9y5d-u3us-uuc4

untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may read the contents of local files.

CVE-2022-31471
GHSA-f83q-2cp7-qrjg
PYSEC-2022-244

VCID-bnwk-w5a8-8fe4

untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker may cause a denial-of-service (DoS) condition on the server where the product is running.

CVE-2022-33977
GHSA-7xr3-6ggc-wc9p
PYSEC-2022-243

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T19:00:17.123208+00:00	GHSA Importer	Fixing	VCID-bnwk-w5a8-8fe4	https://github.com/advisories/GHSA-7xr3-6ggc-wc9p	38.6.0
2026-06-04T19:00:17.059652+00:00	GHSA Importer	Fixing	VCID-9y5d-u3us-uuc4	https://github.com/advisories/GHSA-f83q-2cp7-qrjg	38.6.0
2026-06-04T17:51:53.323440+00:00	GithubOSV Importer	Fixing	VCID-bnwk-w5a8-8fe4	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/08/GHSA-7xr3-6ggc-wc9p/GHSA-7xr3-6ggc-wc9p.json	38.6.0
2026-06-04T17:51:51.776185+00:00	GithubOSV Importer	Fixing	VCID-9y5d-u3us-uuc4	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/08/GHSA-f83q-2cp7-qrjg/GHSA-f83q-2cp7-qrjg.json	38.6.0
2026-06-02T04:17:31.292731+00:00	Pypa Importer	Fixing	VCID-bnwk-w5a8-8fe4	https://github.com/pypa/advisory-database/blob/main/vulns/untangle/PYSEC-2022-243.yaml	38.6.0
2026-06-02T04:17:31.239674+00:00	Pypa Importer	Fixing	VCID-9y5d-u3us-uuc4	https://github.com/pypa/advisory-database/blob/main/vulns/untangle/PYSEC-2022-244.yaml	38.6.0