10 matches found
CVE-2026-8756
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
CVE-2026-8756
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
CVE-2026-8756 fishaudio Bert-VITS2 Gradio webui_preprocess.py generate_config path traversal
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
CVE-2026-8756 fishaudio Bert-VITS2 Gradio webui_preprocess.py generate_config path traversal
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
CVE-2026-8756
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generateconfig of the file webuipreprocess.py of the component Gradio Interface. Such manipulation of the argument datadir leads to path traversal. The attac...
CVE-2026-8756
CVE-2026-8756 affects fishaudio Bert-VITS2 (up to commit 8f7fbd8c4770965225d258db548da27dc8dd934c) with a path traversal vulnerability in the Gradio Interface’s webui_preprocess.py, specifically in generate_config. The issue arises from manipulating the data_dir argument, enabling remote exploita...
PT-2026-41567
Name of the Vulnerable Software and Affected Versions fishaudio Bert-VITS2 versions up to 8f7fbd8c4770965225d258db548da27dc8dd934c Description A path traversal issue exists in the Gradio Interface component. A remote attacker can manipulate the data dir argument within the generate config functio...
LLaVA 输入验证错误漏洞
LLaVA is an application by Haotian Liu, an individual developer. LLaVA suffers from an input validation error vulnerability that stems from improper input validation of the gradio web UI component, which could lead to a local file inclusion attack...
GHSA-RHQ2-3VR9-6MCR Files on the host computer can be accessed from the Gradio interface
Impact This is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces using gradio=2.5.0...
Files on the host computer can be accessed from the Gradio interface
Impact This is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces using gradio=2.5.0...