CVE-2025-32021

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-32021
Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code repository URL contains GitHub credentials, the confidential PAT and username are shown in plaintext and get saved into browser history. Moreover, if the request URL is logged, the credentials are written to logs in plaintext. If using Weblate official Docker image, nginx logs the URL and the token in plaintext. This issue is patched in version 5.11.

2.2 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 0.7 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/WeblateOrg/weblate/releases/tag/weblate-5.11
https://github.com/WeblateOrg/weblate/security/advisories/GHSA-m67m-3p5g-cw9j
https://github.com/WeblateOrg/weblate/security/advisories/GHSA-m67m-3p5g-cw9j
Configurations

No configuration.

History

16 Apr 2025, 15:16

Type Values Removed Values Added
References () https://github.com/WeblateOrg/weblate/security/advisories/GHSA-m67m-3p5g-cw9j - () https://github.com/WeblateOrg/weblate/security/advisories/GHSA-m67m-3p5g-cw9j -

16 Apr 2025, 13:25

Type Values Removed Values Added
Summary
  • (es) Weblate es una herramienta de localización web. Antes de la versión 5.11, al crear un nuevo componente a partir de uno existente con la URL del repositorio de código fuente especificada en la configuración, esta URL se incluía en los parámetros de URL del cliente durante el proceso de creación. Si, por ejemplo, la URL del repositorio de código fuente contiene credenciales de GitHub, el PAT confidencial y el nombre de usuario se muestran en texto plano y se guardan en el historial del navegador. Además, si se registra la URL de la solicitud, las credenciales se escriben en los registros en texto plano. Si se utiliza la imagen oficial de Docker de Weblate, nginx registra la URL y el token en texto plano. Este problema se solucionó en la versión 5.11.

15 Apr 2025, 21:16

Type Values Removed Values Added
New CVE
Information

Published : 2025-04-15 21:16

Updated : 2025-04-16 15:16

NVD link : CVE-2025-32021

Mitre link : CVE-2025-32021

CVE.ORG link : CVE-2025-32021

JSON object : View

Products Affected

No product.

CWE
CWE-598

Use of GET Request Method With Sensitive Query Strings