Vulnerabilities > CVE-2023-6656 - Deserialization of Untrusted Data vulnerability in Iperov Deepfacelab Df.Wf.288Res.384.92.72.22

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

high complexity

iperov

CWE-502

NVD

Published: 2023-12-10

Updated: 2024-05-14

Summary

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. It has been rated as critical. Affected by this issue is some unknown functionality of the file DFLIMG/DFLJPG.py. The manipulation leads to deserialization. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of this vulnerability is VDB-247364. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Vulnerable Configurations

Part	Description	Count
Application	Iperov Iperov Deepfacelab Df.Wf.288Res.384.92.72.22	1

Common Weakness Enumeration (CWE)

CWE-502 - Deserialization of Untrusted Data

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References