ГлавнаяУязвимости → CVE-2025-68279
7.7высокая

CVE-2025-68279

Описание

Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to read arbitrary files from the server file system using crafted symbolic links in the repository. Version 5.15.1 fixes the issue.

Затрагиваемое ПО
Weblate Weblate
CVSS
Балл7.7 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Источники
https://github.com/WeblateOrg/weblate/pull/17331https://github.com/WeblateOrg/weblate/pull/17356https://github.com/WeblateOrg/weblate/releases/tag/weblate-5.15.1https://github.com/WeblateOrg/weblate/security/advisories/GHSA-g925-f788-4jh7