Weblate is a web based localization tool with tight version control integration. Prior to version 4.11.1, Weblate didn’t properly sanitize some arguments passed to Git and Mercurial, allowing them to change their behavior in an unintended way. Instances where untrusted users cannot create new components are not affected. The issues were fixed in the 4.11.1 release.
github.com/advisories/GHSA-h2g5-2rhx-ffgj
github.com/WeblateOrg/weblate/commit/35d59f1f040541c358cece0a8d4a63183ca919b8
github.com/WeblateOrg/weblate/commit/d83672a3e7415da1490334e2c9431e5da1966842
github.com/WeblateOrg/weblate/security/advisories/GHSA-3872-f48p-pxqj
nvd.nist.gov/vuln/detail/CVE-2022-24727