Rvc-project

Retrieval-based-voice-conversion-webui

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-43852

  • EPSS 6.02%
  • Veröffentlicht 05.05.2025 18:21:36
  • Zuletzt bearbeitet 01.08.2025 16:54:02

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The model_choose variable takes user input (e.g. a path to a model) and passes it to the uvr f...

9.8

CVE-2025-43851

  • EPSS 6.02%
  • Veröffentlicht 05.05.2025 18:21:16
  • Zuletzt bearbeitet 01.08.2025 16:54:10

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The model_choose variable takes user input (e.g. a path to a model) and passes it to the uvr f...

9.8

CVE-2025-43850

  • EPSS 6.02%
  • Veröffentlicht 05.05.2025 18:20:57
  • Zuletzt bearbeitet 01.08.2025 16:54:24

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_dir variable takes user input (e.g. a path to a model) and passes it to the change_in...

9.8

CVE-2025-43849

  • EPSS 6.27%
  • Veröffentlicht 05.05.2025 18:20:39
  • Zuletzt bearbeitet 01.08.2025 16:54:29

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_a and cpkt_b variables take user input (e.g. a path to a model) and pass it to the me...

9.8

CVE-2025-43848

  • EPSS 6.02%
  • Veröffentlicht 05.05.2025 17:54:58
  • Zuletzt bearbeitet 01.08.2025 16:54:34

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_path0 variable takes user input (e.g. a path to a model) and passes it to the change_...

9.8

CVE-2025-43847

  • EPSS 6.02%
  • Veröffentlicht 05.05.2025 17:21:29
  • Zuletzt bearbeitet 01.08.2025 16:54:39

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_path2 variable takes user input (e.g. a path to a model) and passes it to the extract...

9.8

CVE-2025-43846

  • EPSS 6.02%
  • Veröffentlicht 05.05.2025 17:16:55
  • Zuletzt bearbeitet 01.08.2025 16:54:44

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_path1 variable takes user input (e.g. a path to a model) and passes it to the show_in...

9.8

CVE-2025-43845

  • EPSS 2.21%
  • Veröffentlicht 05.05.2025 17:15:56
  • Zuletzt bearbeitet 01.08.2025 16:54:49

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to code injection. The ckpt_path2 variable takes user input (e.g. a path to a model) and passes it to change_info_ functi...

9.8

CVE-2025-43844

  • EPSS 1.87%
  • Veröffentlicht 05.05.2025 17:11:05
  • Zuletzt bearbeitet 01.08.2025 16:54:54

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to command injection. The variables exp_dir1, among others, take user input and pass it to the click_train function, whic...

9.8

CVE-2025-43843

  • EPSS 1.33%
  • Veröffentlicht 05.05.2025 17:09:35
  • Zuletzt bearbeitet 01.08.2025 16:54:59

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to command injection. The variables exp_dir1, np7 and f0method8 take user input and pass it into the extract_f0_feature f...