GHSA-f83q-2cp7-qrjg

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/08/GHSA-f83q-2cp7-qrjg/GHSA-f83q-2cp7-qrjg.json
Aliases
Published
2022-08-06T05:30:13Z
Modified
2022-08-16T03:30:04.941034Z
Details

Impact

An attacker may be able to read the contents of local files. This affects untangle versions up to and including 1.2.0

Patches

The problem has been fixed with version 1.2.1

Workarounds

None

References

https://jvn.jp/en/jp/JVN30454777/

For more information

If you have any questions or comments about this advisory: * Open an issue

References

Affected packages

PyPI / untangle

untangle

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
1.2.1

Affected versions

0.*

0.3
0.3.1
0.4.0

1.*

1.0.0
1.1.0
1.1.1
1.2.0