Описание
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to read arbitrary files from the server file system using crafted symbolic links in the repository. Version 5.15.1 fixes the issue.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| weblate | itp | package |
EPSS
Процентиль: 20%
0.00065
Низкий
Связанные уязвимости
CVSS3: 7.7
nvd
4 месяца назад
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to read arbitrary files from the server file system using crafted symbolic links in the repository. Version 5.15.1 fixes the issue.
CVSS3: 7.7
github
4 месяца назад
Weblate has an arbitrary file read via symbolic links
EPSS
Процентиль: 20%
0.00065
Низкий