Description
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.
References
- Issue Tracking
- Issue Tracking
- Release Notes
- Vendor Advisory
Vulnerable configurations
Configuration 1: versions up to (excluding) 5.15.1
cpe:2.3:a:weblate:weblate:*:*:*:*:*:*:*:*
EPSS
Percentile: 45%
0.00222
Low
9.1 Critical
CVSS3
Weaknesses
CWE-20
NVD-CWE-noinfo
Related vulnerabilities
CVSS3: 9.1
debian
about 2 months ago
Weblate is a web based localization tool. In versions prior to 5.15.1, ...
CVSS3: 9.1
github
about 2 months ago
Weblate is vulnerable to RCE through Git config file overwrite