10 matches found
CVE-2026-8756
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
CVE-2026-8756
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
CVE-2026-8756 fishaudio Bert-VITS2 Gradio webui_preprocess.py generate_config path traversal
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
CVE-2026-8756 fishaudio Bert-VITS2 Gradio webui_preprocess.py generate_config path traversal
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
CVE-2026-8756
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
EUVD-2026-30702
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
CVE-2026-8756
CVE-2026-8756 affects fishaudio Bert-VITS2 (up to commit 8f7fbd8c4770965225d258db548da27dc8dd934c) with a path traversal vulnerability in the Gradio Interface’s webui_preprocess.py, specifically in generate_config. The issue arises from manipulating the data_dir argument, enabling remote exploita...
Bert-VITS2 路径遍历漏洞
Bert-VITS2 is a core text-to-speech model developed by Fish Audio. Bert-VITS2 has a path traversal vulnerability. This vulnerability stems from the improper handling of the datadir parameter in the generateconfig function of the Gratuit Interface component, resulting in path traversal. Attackers...
CVE-2024-39688 fishaudio/Bert-VITS2 Limited File Write in webui_preprocess.py generate_config function
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is concatenated with other folders and used to open a new file in the generateconfig function, which leads to a limited file write. The issue allows for writing /config/config.json file in arbitra...
CVE-2024-39688 fishaudio/Bert-VITS2 Limited File Write in webui_preprocess.py generate_config function
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is concatenated with other folders and used to open a new file in the generateconfig function, which leads to a limited file write. The issue allows for writing /config/config.json file in arbitra...