PT-2025-54747 · Pypi · Weblate

Published

2025-12-18

·

Updated

2025-12-18

CVSS v3.1

9.1

Critical

VectorAV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Impact

It was possible to overwrite Git configuration remotely and override some of its behavior.

Resources

Thanks to Jason Marcello for responsible disclosure.

Fix

Path traversal

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-22CWE-20

Related Identifiers

GHSA-8VCG-CFXJ-P5M3

Affected Products

Weblate