4 matches found
CVE-2026-57942
LibreTranslate through 1.9.7, fixed in commit 397fd22, contains an IP spoofing vulnerability in the getremoteaddress function that allows unauthenticated attackers to spoof client IP addresses by injecting arbitrary values into the X-Forwarded-For header without trusted proxy validation. Attacker...
CVE-2026-57942 LibreTranslate - IP Spoofing via X-Forwarded-For Header
LibreTranslate through 1.9.7, fixed in commit 397fd22, contains an IP spoofing vulnerability in the getremoteaddress function that allows unauthenticated attackers to spoof client IP addresses by injecting arbitrary values into the X-Forwarded-For header without trusted proxy validation. Attacker...
CVE-2026-57942
LibreTranslate through 1.9.7, fixed in commit 397fd22, contains an IP spoofing vulnerability in the getremoteaddress function that allows unauthenticated attackers to spoof client IP addresses by injecting arbitrary values into the X-Forwarded-For header without trusted proxy validation. Attacker...
beez (=0.0.1), chellow (>=2631.0.0 <=2679.0.0) +2 more potentially affected by CVE-2022-31015 via waitress (=2.1.1)
waitress PYPI version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on waitress and may be impacted: - beez =0.0.1 - chellow =2631.0.0, =13.0.0, =13.2.0 - libretranslate =1.2.9 Source cves: CVE-2022-31015 Source advisory: OSV:GHSA-F5X9-8JWC-25RW...