Описание
Duplicate Advisory: Command injection in Weblate
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-3872-f48p-pxqj. This link is maintained to preserve external references.
Original Description
Weblate is a web based localization tool with tight version control integration. Prior to version 4.11.1, Weblate didn't properly sanitize some arguments passed to Git and Mercurial, allowing them to change their behavior in an unintended way. Instances where untrusted users cannot create new components are not affected. The issues were fixed in the 4.11.1 release.
Ссылки
Пакеты
Weblate
< 4.11.1
4.11.1
CVE ID
Дефекты
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-23915. Reason: This candidate is a reservation duplicate of CVE-2022-23915. Notes: All CVE users should reference CVE-2022-23915 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage