Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Charlesproxy Subscribe
Filtered by product Charles
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-19244 1 Charlesproxy 1 Charles 2019-01-31 5.0 MEDIUM 8.6 HIGH
An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked.
CVE-2017-15358 1 Charlesproxy 1 Charles 2018-10-02 6.9 MEDIUM 7.0 HIGH
Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local users to gain privileges via vectors involving the --self-repair option.