| Title | DeepFaceLab DeepFaceLab pretrained DF.wf.288res.384.92.72.22 command execution |
|---|
| Description | DeepFaceLab has a command execution vulnerability
Deepfakes is a technology that uses deep learning in machine learning to achieve deep video face-changing. This technology can produce very realistic and natural face-changing videos on certain occasions. Among many software, DeepFaceLab is the easiest to install, the most convenient to use, and the fastest to update.
Line 53 of mainscripts/Util.py does not verify when loading external data, allowing attackers to construct malicious content and execute arbitrary commands. |
|---|
| Source | ⚠️ https://github.com/bayuncao/vul-cve-4 |
|---|
| User | bayuncao (UID 50143) |
|---|
| Submission | 01/15/2024 04:56 (2 years ago) |
|---|
| Moderation | 01/17/2024 15:26 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 251382 [DeepFaceLab pretrained DF.wf.288res.384.92.72.22 mainscripts/Util.py deserialization] |
|---|
| Points | 20 |
|---|