CVE-2026-22250

Опубликовано: 12 янв. 2026

Источник: nvd

CVSS3: 2.5

CVSS3: 5.5

EPSS Низкий

Описание

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, the SSL verification would be skipped for some crafted URLs. This vulnerability is fixed in 1.17.0.

Ссылки

https://github.com/WeblateOrg/wlc/commit/a513864ec4daad00146e6d6e039559726e256fa3
Patch
https://github.com/WeblateOrg/wlc/pull/1097
Issue Tracking
https://github.com/WeblateOrg/wlc/security/advisories/GHSA-2mmv-7rrp-g8xh
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:weblate:wlc:*:*:*:*:*:*:*:*

Версия до 1.17.0 (исключая)

EPSS

Процентиль: 1%

0.0001

Низкий

2.5 Low

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-295

Связанные уязвимости

CVE-2026-22250

CVSS3: 2.5

ubuntu

27 дней назад

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, the SSL verification would be skipped for some crafted URLs. This vulnerability is fixed in 1.17.0.

CVE-2026-22250

CVSS3: 2.5

debian

27 дней назад

wlc is a Weblate command-line client using Weblate's REST API. Prior t ...

GHSA-2mmv-7rrp-g8xh

CVSS3: 2.5

github

27 дней назад

Weblate command-line client susceptible to SSL verification skip

EPSS

Процентиль: 1%

0.0001

Низкий

2.5 Low

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-295