漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
wlc may leak API keys due to an insecure API key configuration
Vulnerability Description
wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, wlc supported providing unscoped API keys in the setting. This practice was discouraged for years, but the code was never removed. This might cause the API key to be leaked to different servers.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
wlc 信息泄露漏洞
Vulnerability Description
wlc是Weblate开源的一个命令行客户端。 wlc 1.17.0之前版本存在信息泄露漏洞,该漏洞源于支持在设置中提供未限定范围的API密钥,可能导致API密钥泄露到不同的服务器。
CVSS Information
N/A
Vulnerability Type
N/A