{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2025-47951","title":"Title"},{"category":"description","text":"Weblate is a web based localization tool. Prior to version 5.12, the verification of the second factor was not subject to rate limiting. The absence of rate limiting on the second factor endpoint allows an attacker with valid credentials to automate OTP guessing. This issue has been patched in version 5.12.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2025-47951","url":"https://www.suse.com/security/cve/CVE-2025-47951"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1244676 for CVE-2025-47951","url":"https://bugzilla.suse.com/1244676"}],"title":"SUSE CVE CVE-2025-47951","tracking":{"current_release_date":"2025-07-07T23:22:58Z","generator":{"date":"2025-06-17T23:38:41Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2025-47951","initial_release_date":"2025-06-17T23:38:41Z","revision_history":[{"date":"2025-06-17T23:38:41Z","number":"2","summary":"Current version"},{"date":"2025-07-07T23:22:58Z","number":"3","summary":"Current version"}],"status":"interim","version":"3"}}}