Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability report contact person #2447

Open
sylwia-budzynska opened this issue Jan 20, 2025 · 7 comments
Open

Vulnerability report contact person #2447

sylwia-budzynska opened this issue Jan 20, 2025 · 7 comments

Comments

@sylwia-budzynska
Copy link

Hello,

I found a few vulnerabilities in the Retrieval-based-Voice-Conversion-WebUI project which I'd like to report. Please let me know if you'd like me to send the report to an email address or in another way, e.g. via private vulnerability reporting feature (it can be enabled in the Security tab > Private Vulnerability Reporting. Thank you!
@yukiarimo
Copy link

Is this about the code injection while inferencing my RVC models? Can somebody hack me, or not?

@sylwia-budzynska
Copy link
Author

Due to the nature of my work, I can only share it with the maintainers of the project, sorry! @RVC-Boss What is the best way to get in contact with you and other maintainers?

@fumiama
Copy link
Member

fumiama commented Jan 25, 2025

Due to the nature of my work, I can only share it with the maintainers of the project, sorry! @RVC-Boss What is the best way to get in contact with you and other maintainers?

Thanks for your effort. This repo is no longer active due to #2109 .

@sylwia-budzynska
Copy link
Author

Thank you for letting me know @fumiama ! Do you know if there is any way to get in contact with @RVC-Boss ?

@blaisewf
Copy link
Contributor

Hi @sylwia-budzynska. This repository is also affected? It shares some code similarities.

I'm the main maintainer https://github.com/IAHispano/Applio

@fumiama
Copy link
Member

fumiama commented Jan 28, 2025

Thank you for letting me know @fumiama ! Do you know if there is any way to get in contact with @RVC-Boss ?

The DM of his Bilibili account https://space.bilibili.com/5760446 or QQ if you have one.

@sylwia-budzynska
Copy link
Author

The DM of his Bilibili account https://space.bilibili.com/5760446 or QQ if you have one.

Thanks! I don't have an account. I'll consult with my team whether to contact the maintainer on personal accounts.

@RVC-Boss if you see this, please could you enable the private vulnerability reporting feature (it can be enabled in the Security tab > Private Vulnerability Reporting)?

Hi @sylwia-budzynska. This repository is also affected? It shares some code similarities.

I'm the main maintainer https://github.com/IAHispano/Applio

@blaisewf Please could you go to https://github.com/IAHispano/Applio > Security tab > Advisories and see the comments under GHSL-2024-341?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@fumiama @yukiarimo @sylwia-budzynska @blaisewf