Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/07 6:25 p.m.10 views

CVE-2025-43849

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpta and cpktb variables take user input e.g. a path to a model and pass it to the merge function in processckpt.py, which uses them to...

9.8CVSS7.8AI score0.00762EPSS
Exploits0References1
circl
circl
added 2025/05/05 8:16 p.m.21 views

CVE-2025-43849

creationtimestamp| type| source ---|---|--- 2025-05-05 20:16:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3loh6qrf5gq2n 2025-05-05 21:33:05+00:00| published-proof-of-concept| Telegram/4ybX3uzHn196N4ZX40WWFSYjrgaegjcyIGLUDry13ex5SY 2025-05-05 21:44:33+00:00| seen|...

9.8CVSS4.8AI score0.00762EPSS
Exploits0References2
nvd
nvd
added 2025/05/05 7:15 p.m.16 views

CVE-2025-43849

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpta and cpktb variables take user input e.g. a path to a model and pass it to the merge function in processckpt.py, which uses them...

9.8CVSS0.00762EPSS
Exploits0References5
cve
cve
added 2025/05/05 6:20 p.m.60 views

CVE-2025-43849

CVE-2025-43849 affects Retrieval-based-Voice-Conversion-WebUI (RVC-Project). Versions up to 2.2.231006 are vulnerable due to unsafe deserialization in process_ckpt.py: the ckpt_a and cpkt_b inputs are passed to the merge function, which uses torch.load on user-provided paths, enabling remote code...

9.8CVSS7.4AI score0.00762EPSS
Exploits0References5Affected Software1
osv
osv
added 2025/05/05 6:20 p.m.6 views

CVE-2025-43849 GHSL-2025-019_Retrieval-based-Voice-Conversion-WebUI

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpta and cpktb variables take user input e.g. a path to a model and pass it to the merge function in processckpt.py, which uses them...

9.3CVSS8AI score0.00762EPSS
Exploits0References7
Rows per page
Query Builder