CVE-2024-39688 | FishAudio Bert-VITS2 up to 2.3 /config/config.json generate_config data_dir path traversal (GHSL-2024-045)
A vulnerability was found in FishAudio Bert-VITS2 up to 2.3. It has been declared as critical. Affected by this vulnerability is the function generate_config of the file /config/config.json. The manipulation of the argument data_dir leads to path trave…