Filtered by vendor Zanllp
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-46315 | 1 Zanllp | 1 Stable Diffusion Webui Infinite Image Browsing | 2024-11-21 | N/A | 7.5 HIGH |
The zanllp sd-webui-infinite-image-browsing (aka Infinite Image Browsing) extension before 977815a for stable-diffusion-webui (aka Stable Diffusion web UI), if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL, as demonstrated by reading /proc/self/environ to discover credentials. |