CVE-2024-32025

CVSS V2 None CVSS V3 None
Description
Kohya_ss is a GUI for Kohya's Stable Diffusion trainers. Kohya_ss is vulnerable to a command injection in `group_images_gui.py`. This vulnerability is fixed in 23.1.5.
Overview
  • CVE ID
  • CVE-2024-32025
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-04-16T14:44:21.648Z
  • Last Modified Date
  • 2024-06-04T17:51:20.289Z
Weakness Enumerations
CWE URL
CWE-77 http://cwe.mitre.org/data/definitions/77.html
References
Reference URL Reference Tags
https://github.com/bmaltais/kohya_ss/security/advisories/GHSA-qprv-9pg5-h33c x_refsource_CONFIRM
https://github.com/bmaltais/kohya_ss/commit/831af8babeb75faff62bcc6a8c6a4f80354f1ff1 x_refsource_MISC
https://securitylab.github.com/advisories/GHSL-2024-019_GHSL-2024-024_kohya_ss x_refsource_MISC
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2024-32025
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32025
History
Created Old Value New Value Data Type Notes
2024-06-26 08:53:34 Added to TrackCVE