Step-Video-T2V 安全漏洞

Step-Video-T2V is an image-to-video model open-sourced by stepfun-ai. There is a security vulnerability in Step-Video-T2V. This vulnerability stems from the use of pickle.loads to process request data in the /vae-api and /caption-api components. It may allow a remote attacker to execute arbitrary...

The vulnerability of the ReadCAPTIONImage function in the coders/caption.c component of the console image editing tool ImageMagick, which is related to infinite loop execution, allows a hacker to cause a service failure.

The vulnerability of the ReadCAPTIONImage function in the coders/caption.c component of the ImageMagick console graphics editor is related to the infinite execution of a loop. Exploiting this vulnerability allows an attacker who operates remotely to cause a service failure using a specially creat...