15 matches found
CVE-2024-32944
Path traversal vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product installs a crafted UTAU voicebank installer .uar file, .zip file to UTAU, an arbitrary file may be placed...
CVE-2024-28886
OS command injection vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product opens a crafted UTAU project file .ust file, an arbitrary OS command may be executed...
CVE-2024-28886
OS command injection vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product opens a crafted UTAU project file .ust file, an arbitrary OS command may be executed...
CVE-2024-32944
Path traversal vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product installs a crafted UTAU voicebank installer .uar file, .zip file to UTAU, an arbitrary file may be placed...
CVE-2024-28886
OS command injection vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product opens a crafted UTAU project file .ust file, an arbitrary OS command may be executed...
CVE-2024-28886
OS command injection vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product opens a crafted UTAU project file .ust file, an arbitrary OS command may be executed...
CVE-2024-28886
Summary of CVE-2024-28886 : An OS command injection vulnerability exists in UTAU versions prior to v0.4.19. When a user opens a crafted UTAU project file (.ust), an arbitrary OS command may be executed. Affected software is UTAU (pre-0.4.19). Root cause is an injection flaw in handling the .ust f...
CVE-2024-32944
Path traversal vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product installs a crafted UTAU voicebank installer .uar file, .zip file to UTAU, an arbitrary file may be placed...
CVE-2024-32944
CVE-2024-32944 affects UTAU prior to v0.4.19. The issue is a path traversal vulnerability where installing a crafted voicebank installer (.uar or .zip) can place arbitrary files in UTAU. Supported by multiple sources (NVD/Red Hat/JVN/CVE records and PT-Security), the root cause relates to handlin...
CVE-2024-32944
Path traversal vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product installs a crafted UTAU voicebank installer .uar file, .zip file to UTAU, an arbitrary file may be placed...
PT-2024-24991 · Utau · Utau
Name of the Vulnerable Software and Affected Versions: UTAU versions prior to v0.4.19 Description: A path traversal issue exists, allowing an arbitrary file to be placed if a user installs a crafted UTAU voicebank installer, such as a .uar or .zip file, to UTAU. Recommendations: For versions prio...
JVN#71404925: Multiple vulnerabilities in UTAU
UTAU provided by ameya/ayame contains multiple vulnerabilities listed below. OS command injection CWE-78 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Base Score 5.3 CVE-2024-28886 Path Traversal CWE-22 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 3.3 CVE-2024-32944 Impact If a user of...
UTAU 安全漏洞
UTAU is a Japanese UTAU open source song synthesizer created for Windows. A security vulnerability exists in UTAU versions prior to v0.4.19 that stems from the presence of an operating system command injection vulnerability...
UTAU 安全漏洞
UTAU is a Japanese UTAU open source song synthesizer created for Windows. A security vulnerability exists in UTAU versions prior to v0.4.19 that stems from the presence of a path traversal vulnerability...
PT-2024-22626 · Utau · Utau
Name of the Vulnerable Software and Affected Versions: UTAU versions prior to v0.4.19 Description: An OS command injection issue exists, allowing the execution of arbitrary OS commands if a user opens a crafted UTAU project file .ust file. Recommendations: For versions prior to v0.4.19, update to...