CVE-2023-6656

EPSS 0.85%
Veröffentlicht 10.12.2023 21:15:07
Zuletzt bearbeitet 21.11.2024 08:44:18
Quelle cna@vuldb.com
CVE-Watchlists
Login
Unerledigt
Login

DeepFaceLab DFLJPG.py deserialization

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. It has been rated as critical. Affected by this issue is some unknown functionality of the file DFLIMG/DFLJPG.py. The manipulation leads to deserialization. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of this vulnerability is VDB-247364. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Iperov ≫ Deepfacelab Versiondf.wf.288res.384.92.72.22

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.85%	0.534

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	1.6	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
cna@vuldb.com	5	1.6	3.4	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
cna@vuldb.com	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

https://github.com/bayuncao/vul-cve-1

Broken Link

https://vuldb.com/?ctiid.247364

Permissions Required

https://vuldb.com/?id.247364

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-6656

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-6656

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-6656

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-6656