Charlesproxy Charles vulnerabilities
2 known vulnerabilities affecting charlesproxy/charles.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2017-15358P3HIGHCVSS 7.0PoCfixed in 4.2.12018-08-03
CVE-2017-15358 [HIGH] CWE-362 CVE-2017-15358: Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local
Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local users to gain privileges via vectors involving the --self-repair option.
nvd
CVE-2018-19244P3HIGHCVSS 8.6v4.2.72018-11-13
CVE-2018-19244 [HIGH] CWE-611 CVE-2018-19244: An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. I
An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked.
nvd