3 matches found
EUVD-2022-0362
Malicious code in bioql PyPI...
PT-2025-25575
Name of the Vulnerable Software and Affected Versions Weblate versions prior to 5.12 Description The issue concerns the inclusion of the full IP address of the acting user in audit log notifications. This information could be obtained by third-party servers, such as SMTP relays or spam filters...
PT-2025-25574
Name of the Vulnerable Software and Affected Versions Weblate versions prior to 5.12 Description The verification of the second factor was not subject to rate limiting, allowing an attacker with valid credentials to automate OTP guessing via the second factor endpoint. Recommendations For version...