Lucene search
+L

4 matches found

NVD
NVD
added 2024/07/22 4:15 p.m.28 views

CVE-2024-39685

Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is used directly in a command executed with subprocess.runcmd, shell=True in the resample function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier...

9.8CVSS0.01116EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/07/22 3:13 p.m.13 views

CVE-2024-39685 fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py resample function

Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is used directly in a command executed with subprocess.runcmd, shell=True in the resample function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier...

9.8CVSS7.2AI score0.01116EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/07/22 3:13 p.m.32 views

CVE-2024-39685 fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py resample function

Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is used directly in a command executed with subprocess.runcmd, shell=True in the resample function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier...

9.8CVSS0.01116EPSS
Exploits1References3
CVE
CVE
added 2024/07/22 3:13 p.m.44 views

CVE-2024-39685

Bert-VITS2 (fishaudio) vulnerability CVE-2024-39685 affects version 2.3 and earlier of the Bert-VITS2 backbone. The root cause is that user input to the data_dir variable is used directly in a subprocess.run(cmd, shell=True) call within the resample function, enabling arbitrary command execution....

9.8CVSS7.3AI score0.01116EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder