VulnerableCode Package Details - pkg:pypi/wlc@1.15

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/wlc@1.15

Essentials
History (4)

purl	pkg:pypi/wlc@1.15

Next non-vulnerable version	2.0.0
Latest non-vulnerable version	2.0.0
Risk	4.0

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-9s62-8ytz-6fgs Aliases: CVE-2026-23535 GHSA-mmwx-79f6-67jg	Weblate wlc path traversal vulnerability: Unsanitized API slugs in download command Multi-translation download could write to an arbitrary location when instructed by a crafted server.	1.17.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-9vwj-87p8-vfe9 Aliases: CVE-2026-22251 GHSA-9rp8-h4g8-8766	Weblate wlc has insecure API key configuration Historically, wlc supported providing unscoped API keys in the setting. This practice was discouraged for years, but the code was never removed. This might cause the API key to be used against different server.	1.17.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-gq5q-hpex-b7au Aliases: CVE-2026-42150 GHSA-gx2m-mcc2-r4p3		2.0.0 Affected by 0 other vulnerabilities.
VCID-h3mh-b457-cbad Aliases: CVE-2026-22250 GHSA-2mmv-7rrp-g8xh	Weblate command-line client susceptible to SSL verification skip The SSL verification would be skipped for some crafted URLs.	1.17.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-01T10:56:25.434245+00:00	GitLab Importer	Affected by	VCID-gq5q-hpex-b7au	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/wlc/CVE-2026-42150.yml	38.6.0
2026-06-01T09:26:29.741631+00:00	GitLab Importer	Affected by	VCID-9s62-8ytz-6fgs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/wlc/CVE-2026-23535.yml	38.6.0
2026-06-01T09:23:06.242381+00:00	GitLab Importer	Affected by	VCID-9vwj-87p8-vfe9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/wlc/CVE-2026-22251.yml	38.6.0
2026-06-01T09:23:04.709124+00:00	GitLab Importer	Affected by	VCID-h3mh-b457-cbad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/wlc/CVE-2026-22250.yml	38.6.0