CNNVD-202506-1926 Information
CNNVD ID
CNNVD-202506-1926
Related CVE
- CNNVD Published: 2025-06-16
Description (Chinese)
Weblate是Weblate开源的一个 Copyleft 的基于 web 的自由软件持续本地化系统。 Weblate 5.12之前版本存在安全漏洞,该漏洞源于审计日志通知包含完整IP地址,可能导致信息泄露。
Description (English)
Weblate is a weblate open source, a web-based free software-based localization system. There was a security loophole in the pre-Weblate 5.12 version, which stemmed from the fact that the audit log notice contained a full IP address and could lead to the disclosure of information.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
Weblate
Published
2025-06-16
Last Modified
2026-02-24
References
https://github.com/WeblateOrg/weblate/pull/15102 https://github.com/WeblateOrg/weblate/commit/020b2905e4d001cff2452574d10e6cf3621b5f62 https://github.com/WeblateOrg/weblate/releases/tag/weblate-5.12.1 https://github.com/WeblateOrg/weblate/security/advisories/GHSA-4qqf-9m5c-w2c5 https://access.redhat.com/security/cve/cve-2025-49134
Patch
https://github.com/WeblateOrg/weblate/releases
Share on: