0.003 Low
EPSS
Percentile
69.3%
weblate, is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the check_config function in the mercurial.py file allowing a malicious user to execute command via argument injection to crash the system
check_config
mercurial.py
github.com/WeblateOrg/weblate/commit/35d59f1f040541c358cece0a8d4a63183ca919b8
github.com/WeblateOrg/weblate/pull/7337
github.com/WeblateOrg/weblate/pull/7338
github.com/WeblateOrg/weblate/releases/tag/weblate-4.11.1