Skip to content

Command injection in `finetune_gui.py` (`GHSL-2024-022`)

Critical
bmaltais published GHSA-8h78-3vqm-xw83 Apr 12, 2024

Package

No package listed

Affected versions

v22.6.1 - v23.1.3

Patched versions

v24.0.1+

Description

Summary

Kohya_ss v22.6.1 is vulnerable to command injection in finetune_gui.py

Fix commit: 831af8b

Severity

Critical

CVE ID

CVE-2024-32027

Weaknesses

Credits