CVE-2026-22250

Опубликовано: 12 янв. 2026

Источник: debian

EPSS Низкий

Описание

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, the SSL verification would be skipped for some crafted URLs. This vulnerability is fixed in 1.17.0.

Пакеты

Пакет	Статус	Релиз	Тип
wlc	unfixed		package
wlc	no-dsa	trixie	package
wlc	no-dsa	bookworm	package

Примечания

https://github.com/WeblateOrg/wlc/security/advisories/GHSA-2mmv-7rrp-g8xh
https://github.com/WeblateOrg/wlc/pull/1097
Fixed by: https://github.com/WeblateOrg/wlc/commit/a513864ec4daad00146e6d6e039559726e256fa3 (1.17.0)

EPSS

Процентиль: 1%

0.00011

Низкий

Связанные уязвимости

CVE-2026-22250

CVSS3: 2.5

ubuntu

8 дней назад

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, the SSL verification would be skipped for some crafted URLs. This vulnerability is fixed in 1.17.0.

CVE-2026-22250

CVSS3: 2.5

nvd

8 дней назад

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, the SSL verification would be skipped for some crafted URLs. This vulnerability is fixed in 1.17.0.

GHSA-2mmv-7rrp-g8xh

CVSS3: 2.5

github

8 дней назад

Weblate command-line client susceptible to SSL verification skip

EPSS

Процентиль: 1%

0.00011

Низкий