CVE-2024-39685

CVSS V2 None CVSS V3 None
Description
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the data_dir variable is used directly in a command executed with subprocess.run(cmd, shell=True) in the resample function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier.
Overview
  • CVE ID
  • CVE-2024-39685
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-07-22T15:13:06.926Z
  • Last Modified Date
  • 2024-07-22T20:40:07.076Z
History
Created Old Value New Value Data Type Notes
2024-07-23 13:16:13 Added to TrackCVE