CVE-2025-43852 | RVC-Project Retrieval-based-Voice-Conversion-WebUI up to 2.2.231006 vr.py uvr model_choose deserialization (GHSL-2025-012)

Inserito da Angelo Barbosa | Mag 5, 2025 | CVE

A vulnerability, which was classified as very critical, was found in RVC-Project Retrieval-based-Voice-Conversion-WebUI up to 2.2.231006. This affects the function uvr of the file vr.py. The manipulation of the argument model_choose leads to deserialization.

This vulnerability is uniquely identified as CVE-2025-43852. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-43852 | RVC-Project Retrieval-based-Voice-Conversion-WebUI up to 2.2.231006 vr.py uvr model_choose deserialization (GHSL-2025-012)

Post correlati

CVE-2024-5468 | Header Builder Plugin up to 1.3.7 on WordPress Site Options authorization

CVE-2024-33793 | Netis MEX605 2.00.06 Ping Test Page cross site scripting

CVE-2024-29082 | Vonets VGA-1000 up to 3.3.23.6.9 access control (icsa-24-214-08)

CVE-2024-35724 | Bosa Themes Bosa Elementor Addons and Templates for WooCommerce Plugin authorization