Описание
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to read arbitrary files from the server file system using crafted symbolic links in the repository. Version 5.15.1 fixes the issue.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| weblate | itp | package |
EPSS
Процентиль: 18%
0.00056
Низкий
Связанные уязвимости
CVSS3: 7.7
nvd
около 2 месяцев назад
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to read arbitrary files from the server file system using crafted symbolic links in the repository. Version 5.15.1 fixes the issue.
CVSS3: 7.7
github
около 2 месяцев назад
Weblate has an arbitrary file read via symbolic links
EPSS
Процентиль: 18%
0.00056
Низкий