Описание
A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation of the argument path leads to deserialization. It is possible to launch the attack on the local host.
EPSS
Процентиль: 21%
0.00068
Низкий
5.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 5.3
github
9 месяцев назад
A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation of the argument path leads to deserialization. It is possible to launch the attack on the local host.
EPSS
Процентиль: 21%
0.00068
Низкий
5.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20