4 matches found
CVE-2025-64725 Weblate has improper validation upon invitation acceptance
Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened by a different user. Version 5.15. contains a patch. As a workaround, avoid leaving one's Weblate sessions with an invitation opened unattended...
GHSA-M6HQ-F4W9-QRJJ Weblate has improper validation upon invitation acceptance
Impact It was possible to accept an invitation opened by a different Weblate user. Patches https://github.com/WeblateOrg/weblate/pull/16913 Workarounds Users should avoid leaving Weblate sessions with an unattended opened invitation. References Thanks to Nahid0x for responsibly disclosing this...
Weblate has improper validation upon invitation acceptance
Impact It was possible to accept an invitation opened by a different Weblate user. Patches https://github.com/WeblateOrg/weblate/pull/16913 Workarounds Users should avoid leaving Weblate sessions with an unattended opened invitation. References Thanks to Nahid0x for responsibly disclosing this...
SUSE-SU-2023:0821-1 Security update for grafana
This update for grafana fixes the following issues: - CVE-2022-23552: Fixed SVG processing by adding a dompurify preprocessor step bsc1207749. - CVE-2022-39324: Fixed originalUrl spoof security issue bsc1207750. - CVE-2022-41723: Fixed go issue to avoid quadratic complexity in HPACK decoding...