漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
wlc Path traversal: Unsanitized API slugs in download command
Vulnerability Description
wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
wlc 路径遍历漏洞
Vulnerability Description
wlc是Weblate开源的一个命令行客户端。 wlc 1.17.2之前版本存在路径遍历漏洞,该漏洞源于多翻译下载功能可能根据特制服务器的指令写入任意位置。
CVSS Information
N/A
Vulnerability Type
N/A