7 matches found
CVE-2026-23535
wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2...
CVE-2026-23535
wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2...
CVE-2026-23535
wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2...
UBUNTU-CVE-2026-23535
wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.2, the multi-translation download could write to an arbitrary location when instructed by a crafted server. This vulnerability is fixed in 1.17.2...
Directory Traversal
Overview wlc is an A command-line utility for Weblate, translation tool with tight version control integration Affected versions of this package are vulnerable to Directory Traversal via unsanitized component slugs from the Weblate server during multi-translation downloads. An attacker can write...
WLC path traversal vulnerability
WLC is an open-source command-line client developed by Weblate. Versions of WLC prior to 1.17.2 contained a path traversal vulnerability. This vulnerability stemmed from the multi-translation download feature, which could write data to arbitrary locations based on instructions from a specially...
PT-2026-3302
Name of the Vulnerable Software and Affected Versions Weblate wlc versions prior to 1.17.2 Description The Weblate command-line client wlc, which uses Weblate's REST API, is susceptible to an arbitrary file write issue. A crafted server can instruct the multi-translation download functionality to...