Weblate 威胁模型¶
项目:Weblate
Last reviewed for Weblate 2026.7 at commit 491e79010b2.
Date: 2026-05-14.
Status: Accepted, 2026-05-14.
Version binding: This model is versioned with Weblate releases. A report against Weblate version N is triaged against the model published for version N, not against the latest development branch. (maintainer)
Reporting cross-reference: Reports that violate a property Weblate claims in
Security properties Weblate provides are reported through SECURITY.md
and 漏洞和事件处理. Reports that fall under Out of scope or
Security properties Weblate does not provide can be closed by citing this
document unless this model routes them to VALID-HARDENING. (documented)
(source: 漏洞和事件处理)
Provenance legend: *(documented)* means the claim is stated in Weblate
documentation; *(maintainer)* means it was stated by a maintainer during
this threat-model process; *(inferred)* means it was reasoned from the
current project shape and needs maintainer confirmation.
Provenance summary: 97 documented / 65 maintainer / 0 inferred claims.
Weblate is a Django-based web localization platform. It accepts work from browser users, API clients, project-scoped tokens, repository webhooks, VCS repositories, backup archives, background workers, and configured external services, then stores and synchronizes translation projects through a database, datastore, local filesystem repositories, and external code-hosting systems. (documented) (source: Weblate 文档, Weblate 的 REST API, 持续本地化)
范围和预期用途¶
部件族 |
Representative surface |
Outside-process effects |
部件状态 |
|---|---|---|---|
Web 用户界面和 REST API |
Browser views, forms, session endpoints, Weblate 的 REST API |
Database, datastore, e-mail, logs, uploaded files |
In scope. (documented) (source: Weblate 的 REST API, 配置说明) |
身份认证、会话和授权 |
Login, 2FA, SSO, teams, permissions, project access, API tokens |
Database, identity providers, browser cookies |
|
项目级 API 令牌 |
Tokens created in project API access |
Same application effects as the token permissions allow |
In scope as authenticated actors with delegated project scope. (documented) (source: Weblate 的 REST API, 访问控制) |
Webhooks |
后台任务计划和 VCS 仓库更新 |
||
VCS 集成 |
Repository URLs, branches, pushes, pulls, merge requests, local clones |
Filesystem, child VCS commands, SSH/HTTPS network connections |
In scope when reachable through Weblate configuration or project content. (documented) (source: 持续本地化, 代码托管集成) |
后台任务 |
Celery queues for repository updates, notifications, translation memory, translation, and backups |
Database, datastore, filesystem, outbound network |
In scope as Weblate-controlled execution of user or operator actions. (documented) (source: 配置说明) |
项目备份导入/导出 |
Uploaded ZIP archives, filesystem restore, repository state |
In scope. (documented) (source: 备份和迁移 Weblate, 管理命令) |
|
服务备份 |
BorgBackup configuration and |
Local or remote backup storage over filesystem or SSH |
In scope for Weblate's handling of configured backup jobs; Borg itself is out of scope. (documented) (source: 备份和迁移 Weblate, 管理命令) |
机器翻译和外部集成 |
Machine translation, avatars, status reporting, telemetry, error reporting, VCS hosts, CDN add-on |
Outbound HTTP(S), provider APIs, logs |
In scope for Weblate's enforcement of configured access and network restrictions. Provider behavior is out of scope. (documented) (source: 配置, 附加组件) |
附加组件 |
Built-in add-ons and administrator-configured add-on execution |
Varies by add-on; can mutate repositories or contact services |
Built-in add-ons are in scope when enabled. Third-party add-ons are out of scope except for Weblate's permission and installation gates. (maintainer) |
管理命令 |
weblate commands run by an operator |
Database, filesystem, VCS, backup storage |
In scope when processing untrusted Weblate data; the local operator shell is trusted. (maintainer) |
Tests, generated docs, screenshots, development fixtures |
|
Development-only files and generated artifacts |
Out of scope for product security claims. (maintainer) |
The intended deployment is a server-side Weblate installation behind a web server or reverse proxy, with a WSGI application server, PostgreSQL database, datastore, Celery workers, a writable data directory, and optional outbound VCS, backup, identity-provider, and machine-translation integrations. (documented) (source: 配置说明)
The relevant actors are split by trust level: unauthenticated clients, authenticated users, reviewers, project managers, administrators, project-scoped API tokens, webhook senders, external VCS providers, configured external services, and local operators. (documented) (source: 访问控制, Weblate 的 REST API)
Weblate is not intended to be embedded as an in-process security library, used as a sandbox for untrusted code, or exposed without the deployment controls documented for production use. (maintainer)
超出范围¶
The following are explicit non-goals for this model:
A compromised operating system account, container runtime, database server, datastore, reverse proxy, or administrator shell. Weblate runs inside those boundaries and does not claim to protect itself from an already-compromised host. (maintainer)
A malicious Weblate site administrator or local operator with unrestricted server access. Such an actor can change settings, credentials, data, or code. (maintainer)
Vulnerabilities in third-party dependencies as independent projects. General Django, Django REST framework, Python Social Auth, BorgBackup, VCS, database, and provider vulnerabilities are reported upstream unless the issue is in Weblate's use of them. (documented) (source: 漏洞和事件处理)
Build and release hygiene, including action pinning, artifact signing, dependency freshness, and repository branch protection. These affect project operations but are not threat-model claims about Weblate runtime behavior. (maintainer)
General security of external VCS providers, identity providers, mail servers, machine-translation services, avatar services, CDN storage, or backup storage. Weblate models only its configured interactions with them. (maintainer)
User organizations' translation-supply-chain choices outside Weblate. Outsourced or crowdsourced translator risks are described separately in 本地化威胁模型. (documented) (source: 本地化威胁模型)
Third-party add-on code, local customization code, development fixtures, generated documentation output, test-only code, and demo or example data. (maintainer)
信任边界和数据流动¶
Weblate's primary trust boundary is the network-facing application surface: browser views, API endpoints, webhook endpoints, and upload endpoints accept data from less-trusted actors and translate it into database rows, local repository state, background tasks, outbound requests, and rendered UI. (maintainer)
Boundary |
信任转变 |
|---|---|
客户端浏览器/API 客户端到 Weblate |
Untrusted or authenticated requests become permission-checked application actions. (documented) (source: Weblate 的 REST API, 访问控制) |
Webhook 发送方到 Weblate |
Public forge notifications can schedule repository synchronization where hooks are enabled. (documented) (source: 通知钩子, 启用钩子) |
Weblate 到数据库/数据存储 |
Permission-checked application state becomes persistent data and queued work. (documented) (source: 配置说明) |
Weblate 到本地 VCS 仓库 |
Project configuration and repository content drive filesystem and VCS operations. (documented) (source: 持续本地化) |
Weblate 到外部服务 |
Configured URLs, credentials, and provider settings drive outbound network connections. (documented) (source: 代码托管集成, 配置) |
Backup archive to Weblate filesystem |
Uploaded ZIP members and metadata become restored project state. (documented) (source: 备份和迁移 Weblate) |
可及性前提条件:
A web UI or API finding is in model only when reachable by an unauthenticated client, authenticated user, or project-scoped token through documented routes, forms, or API endpoints. (maintainer)
An authorization finding is in model only when it crosses a documented permission, team, project, component, language, glossary, token, or site-wide boundary. (documented) (source: 访问控制)
A webhook finding is in model only when a request can reach an enabled hook endpoint and affect repository update scheduling, task volume, or information returned to the caller. (documented) (source: 通知钩子, 启用钩子)
A VCS finding is in model only when attacker-controlled or less-trusted repository data, branch names, URLs, file names, commit metadata, or project configuration can influence Weblate's VCS operations. (maintainer)
A backup import finding is in model only when reachable from a project backup uploaded through Weblate or supplied to
import_projectbackup. (documented) (source: 项目级别备份,import_projectbackup)A background-task finding is in model only when the task can be queued from an in-scope Weblate surface or scheduled Weblate maintenance path. (documented) (source: 配置说明)
A management-command finding is in model only when untrusted Weblate data is processed by the command; arbitrary local shell access is not an attacker capability. (maintainer)
环境假设¶
Weblate assumes a supported Python and Django runtime, a correctly configured database, a datastore, a writable data directory, and running workers for features that require background processing. (documented) (source: 配置说明)
Production deployments are expected to configure the external web server or
reverse proxy consistently with Weblate's HTTPS, host header, body-size, and
proxy-header settings. (documented) (source: 配置说明,
ENABLE_HTTPS, ALLOWED_HOSTS)
The database, datastore, and internal service ports are assumed not to be directly exposed to untrusted networks. (maintainer)
Filesystem permissions are assumed to prevent unrelated local users from modifying Weblate's data directory, configuration, VCS repositories, generated SSH wrappers, backups, and secret material. (documented) (source: 备份和迁移 Weblate, 配置说明)
Celery workers are trusted components of the same Weblate instance. A malicious or compromised worker is equivalent to a compromised application process. (maintainer)
VCS command execution, SSH, and HTTPS clients are assumed to execute as the
Weblate service user with the credentials configured for the relevant project
or integration. (documented) (source: 代码托管集成,
SSH_EXTRA_ARGS)
Weblate 对其主机做什么:
It opens outbound network connections for configured VCS, identity-provider, avatar, machine-translation, backup, status-reporting, telemetry, error-reporting, and add-on features. (documented) (source: 配置, 代码托管集成, 备份和迁移 Weblate)
It runs VCS and backup-related helper commands as part of repository and backup workflows. (documented) (source: 持续本地化, 备份和迁移 Weblate)
It writes to the configured data directory, repository storage, media/fonts, backup dumps, logs, and cache locations. (documented) (source: 配置, 备份和迁移 Weblate)
It sends e-mail and notifications when configured to do so. (documented) (source: 配置)
It does not claim to be free of process-wide side effects such as logging, cache writes, subprocess execution, or outbound network access. (maintainer)
构建时间和配置变体¶
Knob |
默认或文档记录的立场 |
对模型的影响 |
维护者立场 |
|---|---|---|---|
Anonymous remote hooks are configurable and must also be enabled for a project. (documented) |
将 webhook 端点暴露为公共时间安排接口。滥用抵抗取决于部署控制。 (文档中有信息) (来源:通知钩子, 启用钩子) |
Production deployments exposing hooks use reverse-proxy rate limits, body-size limits, monitoring, and minimal public exposure. (maintainer) |
|
|
HTTPS affects secure cookies, redirects, HSTS, WebAuthn, and generated
URLs. (documented) (source: |
Disabling or misconfiguring HTTPS removes transport and cookie
protections that Weblate relies on for browser security. (documented) (source: |
The documented production posture is HTTPS with correct proxy headers. (documented) |
配置接受的 HTTP 主机名。 (文档中有信息) (来源: |
Broad host acceptance can weaken host-header based protections and URL generation assumptions. (maintainer) |
Production deployments restrict this to instance hostnames. (maintainer) |
|
|
Rate limits are configurable. (documented) (source: Weblate 的 REST API, 配置) |
Availability claims assume rate limits appropriate to deployment size and exposure. (maintainer) |
Disabling rate limits changes DoS triage from Weblate bug to deployment posture unless a single request violates a claimed property. (maintainer) |
|
Content Security Policy sources are configurable. (documented) (source: 配置) |
Broadening sources can reduce browser-side containment for XSS or third-party content. (maintainer) |
Deployments adding third-party sources accept that expanded browser trust. (maintainer) |
|
Defaults bound project backup upload and import size, member count, and suspicious compression ratios. (documented) (source: 配置) |
Raising or disabling these limits expands restore-time resource exposure. (documented) (source: 配置) |
The defaults documented above are part of backup-import resource guarantees. (documented) |
Private-target restrictions and allowlists for outbound URLs |
User-configurable outbound URL surfaces documented with private-target
restriction settings reject internal or non-public targets by default.
(documented) (source: |
Allowlist settings and privileged configuration can intentionally expand
reachability. (documented) (source: |
Default private-target rejection is an application-level security property for the documented user-configurable URL surfaces. (maintainer) |
允许自定义 SSH 选项。 (文档中有信息) (来源: |
Weakening SSH algorithms or host verification changes VCS transport assumptions. (maintainer) |
Operators own the security impact of custom SSH options. (maintainer) |
|
Third-party add-ons and local customization |
Administrators can extend behavior. (documented) (source: 附加组件) |
Custom code can add new trust boundaries and security properties outside this model. (maintainer) |
Third-party code is modeled separately. (maintainer) |
输入假设¶
Surface |
Input |
Attacker-controllable? |
Caller or operator must enforce |
|---|---|---|---|
Browser forms and REST API |
Request bodies, query strings, uploaded files, headers, cookies |
Yes, within the actor's authentication state. (documented) (source: Weblate 的 REST API) |
HTTPS, correct host/proxy configuration, rate limits, and permission assignment. (documented) (source: 配置说明, 访问控制) |
身份认证端点 |
Passwords, WebAuthn data, SSO callbacks, reset tokens |
Yes. (documented) (source: 身份认证) |
Correct identity-provider configuration and HTTPS. (documented) (source: 身份认证, |
项目级令牌 |
通过令牌认证的 API 请求 |
Yes, by whoever holds the token. (documented) (source: Weblate 的 REST API) |
Token storage, rotation, and least-privilege team membership. (maintainer) |
翻译内容 |
源字符串、翻译、评论、建议、术语表条目 |
Yes, from users with relevant permissions or imported repositories. (documented) (source: 使用 Weblate 进行翻译工作, 访问控制) |
Review workflows for project-specific content integrity. (documented) (source: 翻译工作流) |
Webhook 端点 |
Headers, event type, body, repository and branch metadata |
Yes, where endpoint is reachable. (documented) (source: 通知钩子) |
Hook enablement only where needed, request limits, and monitoring. (maintainer) |
仓库配置 |
Repository URLs, branches, push URLs, credentials, Gerrit review push options, add-on settings |
Trusted to users with corresponding management permissions. (documented) (source: 访问控制, 持续本地化) |
Assign VCS and project management permissions only to trusted users. (documented) (source: 访问控制) |
外部仓库内容 |
Translation files, paths, branch names, commit metadata |
Yes, if the upstream repository is controlled by another actor. (maintainer) |
Trust the configured upstream repository or review imported changes. (maintainer) |
项目备份导入 |
ZIP archive members, metadata, translation files, repository state |
Yes, for whoever can upload or provide the backup. (documented) (source: 项目级别备份) |
Keep import limits at values appropriate for the instance. (documented) (source: 配置) |
机器翻译和外部服务配置 |
Provider URLs, credentials, model or service settings |
Trusted to administrators or users granted configuration permissions. (documented) (source: 自动建议, 访问控制) |
Treat configured providers as recipients of the data sent to them; the submitted content varies by provider and enabled feature. (maintainer) |
管理命令 |
Command-line arguments and files supplied by the local operator |
Trusted local input unless processing Weblate data or project backups. (maintainer) |
Restrict shell access to trusted operators. (maintainer) |
大小和速率假设:
Weblate relies on application and reverse-proxy upload limits for large HTTP requests. (documented) (source:
PROJECT_BACKUP_UPLOAD_MAX_SIZE)Project backup imports are bounded by member count, aggregate uncompressed size, compressed entry size, minimum ratio size, and compression ratio settings. (documented) (source: 配置)
API and selected web actions are expected to be protected by configured rate limits. (documented) (source: Weblate 的 REST API, 配置)
Repository size, number of projects, number of components, and worker capacity are deployment-sizing concerns unless a single in-scope input bypasses documented limits or permissions. (maintainer)
Adversary model¶
Actor |
范围内能力 |
超范围能力 |
|---|---|---|
未认证身份的互联网客户端 |
Send HTTP(S) requests to public pages, registration, login, API, and reachable webhook endpoints. (documented) (source: Weblate 的 REST API) |
Read server memory, bypass reverse proxy controls, or access internal services directly. (maintainer) |
已认证身份的用户 |
Perform actions allowed by assigned teams, permissions, and workflow. (documented) (source: 访问控制) |
在不利用 Weblate 漏洞情况下超出分配权限采取行动. (文档中有信息) (来源: 访问控制) |
Reviewer or project manager |
实施委托的项目、部件、语言、审核、VCS、翻译记忆库、屏幕截图或访问管理权限。 (文档中有信息) (来源: 访问控制) |
Become a site administrator unless granted that role or exploiting a Weblate flaw. (maintainer) |
Project-scoped API token holder |
Use API permissions assigned to the token's team memberships. (documented) (source: Weblate 的 REST API, 访问控制) |
Access projects, components, or site-wide functions outside its scope. (documented) (source: 访问控制) |
Webhook 发送方 |
Send forged, replayed, malformed, or high-volume webhook requests to enabled hook endpoints. (documented) (source: 通知钩子) |
Obtain forge-authenticated identity where Weblate does not verify it. (maintainer) |
External VCS or service provider |
Return repository data, API responses, redirects, or errors according to the configured integration. (documented) (source: 代码托管集成) |
Compromise the Weblate host except through data or protocol behavior Weblate processes. (maintainer) |
译者或本地化贡献者 |
Submit translation content that downstream applications might consume. (documented) (source: 本地化威胁模型) |
Control downstream application escaping, rendering, or review policy outside Weblate. (documented) (source: 本地化威胁模型) |
本地运营方 |
Run management commands, change configuration, and access backups. (documented) (source: 管理命令, 备份和迁移 Weblate) |
Local malicious operators are trusted for this model. (maintainer) |
The modeled attacker tries to bypass authorization, modify translation or repository data without permission, disclose private project or user data, forge or abuse repository synchronization, trigger unsafe outbound requests, execute commands through Weblate-controlled workflows, or exhaust bounded application resources. (maintainer)
Weblate 提供的安全属性¶
属性 |
条件 |
Violation symptom |
严重等级 |
|---|---|---|---|
Web 认证区分站点、项目、部件、语言、术语表、VCS、翻译记忆库、屏幕截图、审核、访问管理权限。 (文档中有信息) (来源:访问控制) |
Permission assignments match the intended trust relationship. |
User or token can read or mutate data outside assigned scope. |
Security-critical when private data or privileged mutation is exposed. |
Project-scoped API tokens are limited by assigned project/team permissions. (documented) (source: Weblate 的 REST API, 访问控制) |
Token is created and stored by a trusted actor. |
Token can act outside project or team scope. |
对安全有重要影响。 |
Authentication and session controls protect browser sessions when HTTPS
and proxy settings are correct. (documented) (source: 身份认证,
|
Production HTTPS and secure-cookie settings are enabled. |
Session fixation, credential bypass, or cross-user session confusion. |
对安全有重要影响。 |
User-supplied content rendered by Weblate is expected not to execute script in other users' browsers. (maintainer) |
Content is displayed through Weblate UI templates and standard escaping. |
Stored or reflected XSS in the Weblate origin. |
对安全有重要影响。 |
Repository, branch, path, and VCS inputs processed by Weblate must not become shell command execution. (maintainer) |
VCS operations are invoked through Weblate-supported repository workflows and configured credentials. |
以 Weblate 用户身份注入命令或执行任意代码。 |
对安全有重要影响。 |
Private project data, user data, credentials, tokens, SSH keys, and 2FA secrets are not disclosed to actors lacking permission. (documented) (source: 访问控制, 隐私监管合规) |
Host, database, and storage permissions are intact. |
Cross-project data leak, credential exposure, or unauthorized export. |
对安全有重要影响。 |
Backup import rejects archives exceeding documented upload, member, aggregate size, and suspicious compression thresholds. (documented) (source: 配置, 项目级别备份) |
默认或更严格的限制保持已配置状态。 |
Oversized or highly amplified archive is accepted past configured thresholds. |
Security-critical for single-request DoS; otherwise availability bug. |
Documented user-configurable outbound URL surfaces reject internal or
non-public targets by default. (documented) (source:
|
Default private-target checks are enabled and no trusted allowlist exemption applies. |
A user-configurable screenshot URL, remote HTML URL, project website or repository browser URL, outbound webhook URL, or VCS URL reaches an internal or non-public target despite default controls. |
Security-critical when it exposes internal services or metadata. |
Weblate records security-relevant account, permission, and project or component setting changes in audit logs or history. (documented) (source: 隐私监管合规, Weblate 2026.7) |
Logging is configured and storage is available. |
Missing audit trail for an action Weblate claims to log. |
Security-critical when it blocks investigation of privileged changes; correctness-only for minor event gaps. |
Rate-limited API and web actions enforce configured rate limits. (documented) (source: Weblate 的 REST API, 配置) |
Rate limiting is enabled and backed by a working datastore. |
Requests exceeding configured thresholds continue to be processed. |
Availability/security hardening depending on endpoint sensitivity. |
Weblate does not intentionally expose database, datastore, backup storage, or raw internal storage directly through the public web interface; exported VCS repositories are intentionally exposed by Git 导出器 when that optional module is enabled. (maintainer) |
Deployment does not serve internal storage paths as static files except for documented export features. |
Public request retrieves raw internal storage, configuration, or non-exported repository data. |
对安全有重要影响。 |
Resource thresholds in this model are the documented configuration defaults where they exist, especially backup import limits and rate limits. For repository size, project count, component count, and translation volume, Weblate does not claim a fixed universal resource ceiling independent of deployment capacity. (maintainer)
Security properties Weblate does not provide¶
Weblate does not authenticate every webhook delivery cryptographically for all
supported forge integrations. Hook endpoints are compatibility-oriented and
deployment-hardened rather than uniformly forge-authenticated. Reports that
show only unauthenticated triggering within modeled effects are
VALID-HARDENING rather than BY-DESIGN. (maintainer)
Weblate does not make an unauthenticated webhook equivalent to a trusted forge identity. Hook processing can trigger update workflows, but attribution and authenticity are weaker than for an authenticated user or token. (maintainer)
Weblate is not a sandbox for malicious administrators, malicious local operators, third-party add-ons, custom deployment code, VCS clients, or backup tools. (maintainer)
Weblate does not guarantee that translation content is safe when copied into a downstream product without that product's own escaping, validation, or review. Translation checks and review workflows help manage localization quality and risk; they are not a complete downstream application security boundary. (documented) (source: 本地化威胁模型, 检查和修正)
False friends:
Weblate permissions are application authorization, not a host sandbox. A user granted VCS or project management permissions can intentionally configure integrations within that role's power. (maintainer)
Webhook project matching and event parsing are not proof that the sender is the legitimate forge when the integration does not authenticate the delivery. (maintainer)
Translation checks detect common quality and format problems; they are not a guarantee that translated strings are safe for every downstream renderer. (documented) (source: 检查和修正, 本地化威胁模型)
BorgBackup encryption protects backup archives according to Borg's design; Weblate does not add a separate cryptographic guarantee for Borg internals. (documented) (source: 备份和迁移 Weblate)
Rate limits reduce abuse of configured endpoints; they are not a guarantee of availability under volumetric network attacks. (maintainer)
Well-known attack classes left partly or wholly to deployment or downstream systems:
Phishing and credential reuse are mitigated by authentication policy and 2FA, but Weblate cannot prevent users from disclosing credentials outside the service. (maintainer)
Malicious translations can become XSS, format-string, command, or policy problems in downstream applications that render them unsafely. (documented) (source: 本地化威胁模型)
User-configurable outbound URL surfaces with documented private-target restrictions reject internal or non-public targets by default; privileged allowlists, proxies, and administrator-controlled configuration can intentionally expand reachability. (maintainer)
Large repository histories, project scale, and background task volume require deployment sizing and operational limits beyond Weblate's single-input validation. (maintainer)
下游责任¶
Operators must deploy Weblate behind production-grade HTTPS with correct proxy
headers, hostnames, request-size limits, and secure-cookie behavior.
(documented) (source: 配置说明, ENABLE_HTTPS,
ALLOWED_HOSTS)
Operators must assign teams, roles, project-scoped tokens, VCS credentials, and project management permissions according to least privilege for their organization. (documented) (source: 访问控制, Weblate 的 REST API)
Operators exposing 通知钩子 must enable them only where needed and provide deployment controls such as reverse-proxy rate limits, body-size limits, monitoring, and optional source restrictions. (maintainer)
Operators must treat private-target allowlists, proxies, and privileged outbound integration settings as intentional expansion of Weblate's default network reachability limits. (maintainer)
Operators must keep backup import limits, API rate limits, and web rate limits at values that match instance capacity and exposure. (documented) (source: 配置)
Operators must protect the Weblate data directory, configuration, backup credentials, generated keys, database, datastore, and local shell access as trusted infrastructure. (documented) (source: 备份和迁移 Weblate, 配置说明)
Downstream product teams must treat translated strings as untrusted content in their own applications unless they have separately reviewed, escaped, and validated them for the target renderer. (documented) (source: 本地化威胁模型)
已知的误用模式¶
Exposing webhook endpoints broadly, enabling project hooks, and relying on webhook payloads as authenticated forge identity. This is unsafe because some supported hooks are compatibility-oriented. Use deployment controls and prefer authenticated integrations where available. (maintainer)
Granting project management, VCS, or access-management permissions to users who are trusted only as translators. This is unsafe because those permissions can affect repositories, credentials, or other users. Assign narrower roles. (documented) (source: 访问控制)
Sending sensitive source strings or private customer content to machine translation providers without treating the provider as a data recipient. This is unsafe because Weblate must transmit content to the configured service, and the submitted content varies by provider and enabled feature. Configure providers according to the data policy for the project. (maintainer)
Importing project backups from untrusted sources as an administrative convenience. This is unsafe because backups carry project metadata, translation content, and repository state. Keep import limits enabled and import only backups appropriate for the target instance. (documented) (source: 备份和迁移 Weblate)
Treating Weblate translation checks as proof that downstream applications cannot be attacked through translated strings. This is unsafe because the downstream renderer defines the final execution context. Review and escape translations in the consuming application. (documented) (source: 本地化威胁模型)
Known non-findings¶
A report that a reachable webhook can be called without forge authentication and only triggers modeled update scheduling is not
VALIDby itself. It is routed toVALID-HARDENINGunless it bypasses documented limits, leaks data, or causes effects beyond modeled scheduling. (maintainer)A report that a project manager can change repository settings, VCS credentials, or project configuration is not a vulnerability when the actor has the documented permission for that action. (documented) (source: 访问控制)
A report that a project manager can configure Gerrit review push options is not a vulnerability by itself. Gerrit interprets these options as the configured Weblate Gerrit account and enforces Gerrit-side permissions. (documented) (source: 推送分支)
A report against third-party add-on behavior is not a Weblate core vulnerability unless the report shows Weblate's permission or installation boundaries are bypassed. (maintainer)
A report that a malicious local operator can read configuration, run management commands, or alter files is out of model because local operators are trusted infrastructure. (maintainer)
A report that a downstream application renders a dangerous translation is not a Weblate vulnerability unless Weblate itself violates a claimed property while storing, checking, reviewing, or displaying that translation. (documented) (source: 本地化威胁模型)
Conditions that change this model¶
Revise this model when Weblate adds a new public endpoint family, a new authentication or token mode, a new default deployment mode, a new backup or import format, a new VCS execution path, a new outbound integration class, a new add-on execution capability, or a change to defaults for hooks, HTTPS, rate limits, CSP, private-network access, or backup import limits. (maintainer)
Revise this model when an unsupported component becomes supported product surface, when a documented security property is removed or narrowed, or when maintainers accept a vulnerability report that cannot be routed to a triage disposition below. (maintainer)
分类处置¶
处置 |
含义 |
许可方 |
|---|---|---|
|
Violates a property Weblate claims, through an in-scope actor and input. |
Security properties Weblate provides, Input assumptions, Adversary model |
|
No claimed property is violated, but Weblate chooses to reduce a known misuse risk, such as compatibility webhook triggering that stays within modeled effects. |
Known misuse patterns, Security properties Weblate does not provide |
|
Requires attacker control of input this model marks trusted. |
|
|
Requires a capability this model excludes. |
|
|
Lands in third-party add-ons, generated docs, tests, local customization, or another component marked out of scope. |
|
|
Manifests only after deployment choices that knowingly remove a claimed property. |
|
|
事关一个 Weblate 确实没有提供的属性。 |
|
|
Matches a documented recurring false positive. |
|
|
Cannot be cleanly routed to any disposition above. |