CVE-2023-6656

Source
https://cve.org/CVERecord?id=CVE-2023-6656
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-6656.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-6656
Published
2023-12-10T20:31:04.738Z
Modified
2026-07-15T01:49:08.973041635Z
Severity
  • 5.0 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L CVSS Calculator
Summary
DeepFaceLab DFLJPG.py deserialization
Details

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. It has been rated as critical. Affected by this issue is some unknown functionality of the file DFLIMG/DFLJPG.py. The manipulation leads to deserialization. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of this vulnerability is VDB-247364. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Database specific
{
    "cwe_ids": [
        "CWE-502"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/6xxx/CVE-2023-6656.json",
    "cna_assigner": "VulDB",
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "pretrained DF.wf.288res.384.92.72.22"
                },
                {
                    "last_affected": "pretrained DF.wf.288res.384.92.72.22"
                }
            ],
            "source": "AFFECTED_FIELD"
        }
    ]
}
References

Affected packages

Git / github.com/iperov/deepfacelab

Affected ranges

Type
GIT
Repo
https://github.com/iperov/deepfacelab
Events
Database specific
{
    "cpe": "cpe:2.3:a:iperov:deepfacelab:df.wf.288res.384.92.72.22:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "df.wf.288res.384.92.72.22"
        },
        {
            "last_affected": "df.wf.288res.384.92.72.22"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

DF.*
DF.wf.288res.384.92.72.22
df.*
df.wf.288res.384.92.72.22

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-6656.json"