CNNVD-202509-942 Information

CNNVD ID

CNNVD-202509-942

CVE-2025-58352

  • CNNVD Published: 2025-09-05

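Description (translated from Chinese)

Weblate is a copyleft, web-based continuous localization system for free software, maintained as open source by the Weblate project. Versions of Weblate before 5.13.1 contain a code issue vulnerability that stems from the long session expiry time during second-factor verification, which may allow rate limiting to be bypassed.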

Description (English)

Weblate is an open-source, web-based continuous localization system for free software. Weblate versions before 5.13.1 have a code issue vulnerability, caused by the long session expiry during second-factor verification, which could allow the rate limit to be circumvented.

Hazard Level

High

Vulnerability Type

Code issue

Affected Vendor

Weblate

Published

2025-09-05

Last Modified

2026-02-24

References

  • https://github.com/WeblateOrg/weblate/commit/0b46fe596231dd456283ead66699ae5516f23908
  • https://github.com/WeblateOrg/weblate/pull/16002
  • https://github.com/WeblateOrg/weblate/security/advisories/GHSA-377j-wj38-4728

Patch

https://github.com/WeblateOrg/weblate/releases
