CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Charlesproxy: >> Charles Security Vulnerabilities

CVE-2018-19244

An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked.

CVSS Score

8.6

EPSS Score

0.003

Published

2018-11-13

CVE-2017-15358

Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local users to gain privileges via vectors involving the --self-repair option.

CVSS Score

7.0

EPSS Score

0.003

Published

2018-08-03

Page 1

Vulnerabilities

Vulnerable Software

Charlesproxy: >> Charles Security Vulnerabilities

Products

Pricing

Contact Us