VYPR
Critical severity 9.1 · NVD Advisory · Published Mar 20, 2025 · Updated Apr 15, 2026

CVE-2024-11042


Description

In invoke-ai/invokeai version v5.0.2, the web API POST /api/v1/images/delete is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite databases, and configuration files. This can impact the integrity and availability of applications relying on these files.
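The traversal and its fix in miniature, as an added example modelled on the patched `get_path` in the commit below; this is not InvokeAI's own code. `OUTPUTS` is a constructed relative base folder that need not exist on disk, since `Path.resolve()` also canonicalises absent paths.

```python
from pathlib import Path

# Constructed base folder for the demo; nothing has to exist on disk.
OUTPUTS = Path("outputs")


def unsafe_get_path(base_folder: Path, image_name: str) -> Path:
    """Pre-fix behaviour: the request-controlled name is joined as-is,
    so '..' components and absolute names walk out of the base folder."""
    return base_folder / image_name


def safe_get_path(base_folder: Path, image_name: str) -> Path:
    """Post-fix behaviour: first reject any name that carries path
    components, then confirm the resolved target is still inside the
    resolved base folder (symlinks followed on both sides)."""
    basename = Path(image_name).name
    if basename != image_name:
        raise ValueError("Invalid image name, potential directory traversal detected")
    resolved_base = base_folder.resolve()
    resolved_image_path = (base_folder / basename).resolve()
    if not resolved_image_path.is_relative_to(resolved_base):
        raise ValueError("Image path outside outputs folder, potential directory traversal detected")
    return resolved_image_path


def escapes_base(base_folder: Path, image_name: str) -> bool:
    """True when the pre-fix join lands outside the base folder."""
    target = unsafe_get_path(base_folder, image_name).resolve()
    return not target.is_relative_to(base_folder.resolve())


def classify(base_folder: Path, image_name: str) -> str:
    """Report which safeguard of the hardened version rejects a name.
    Note that a bare '..' survives Path(name).name unchanged, so only the
    containment check catches it."""
    try:
        safe_get_path(base_folder, image_name)
    except ValueError as e:
        return "basename check" if "Invalid image name" in str(e) else "containment check"
    return "accepted"


if __name__ == "__main__":
    # Constructed sample names: a normal image, relative and absolute escapes, bare '..'.
    for name in ["foo.png", "../secret.db", "/etc/hostname", "..", "dir/evil.txt"]:
        print(f"{name!r:16} pre-fix escapes={escapes_base(OUTPUTS, name)!s:5} post-fix={classify(OUTPUTS, name)}")
```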

Affected packages

Versions sourced from the GitHub Security Advisory.

Package           Affected versions   Patched versions
InvokeAI (PyPI)   < 5.3.0rc1          5.3.0rc1

Patches

1 patch
5440c0376748

fix(app): directory traversal when deleting images

https://github.com/invoke-ai/invokeai · psychedelicious · Oct 18, 2024 · via ghsa
2 files changed · +68 −6
  • invokeai/app/services/image_files/image_files_disk.py · +17 −6 · modified
    @@ -110,15 +110,26 @@ def delete(self, image_name: str) -> None:
             except Exception as e:
                 raise ImageFileDeleteException from e
     
    -    # TODO: make this a bit more flexible for e.g. cloud storage
         def get_path(self, image_name: str, thumbnail: bool = False) -> Path:
    -        path = self.__output_folder / image_name
    +        base_folder = self.__thumbnails_folder if thumbnail else self.__output_folder
    +        filename = get_thumbnail_name(image_name) if thumbnail else image_name
     
    -        if thumbnail:
    -            thumbnail_name = get_thumbnail_name(image_name)
    -            path = self.__thumbnails_folder / thumbnail_name
    +        # Strip any path information from the filename
    +        basename = Path(filename).name
    +
    +        if basename != filename:
    +            raise ValueError("Invalid image name, potential directory traversal detected")
    +
    +        image_path = base_folder / basename
    +
    +        # Ensure the image path is within the base folder to prevent directory traversal
    +        resolved_base = base_folder.resolve()
    +        resolved_image_path = image_path.resolve()
    +
    +        if not resolved_image_path.is_relative_to(resolved_base):
    +            raise ValueError("Image path outside outputs folder, potential directory traversal detected")
     
    -        return path
    +        return resolved_image_path
     
         def validate_path(self, path: Union[str, Path]) -> bool:
             """Validates the path given for an image or thumbnail."""
    
  • tests/app/services/image_files/test_image_files_disk.py · +51 −0 · added
    @@ -0,0 +1,51 @@
    +import platform
    +from pathlib import Path
    +
    +import pytest
    +
    +from invokeai.app.services.image_files.image_files_disk import DiskImageFileStorage
    +
    +
    +@pytest.fixture
    +def image_names() -> list[str]:
    +    # Determine the platform and return a path that matches its format
    +    if platform.system() == "Windows":
    +        return [
    +            # Relative paths
    +            "folder\\evil.txt",
    +            "folder\\..\\evil.txt",
    +            # Absolute paths
    +            "\\folder\\evil.txt",
    +            "C:\\folder\\..\\evil.txt",
    +        ]
    +    else:
    +        return [
    +            # Relative paths
    +            "folder/evil.txt",
    +            "folder/../evil.txt",
    +            # Absolute paths
    +            "/folder/evil.txt",
    +            "/folder/../evil.txt",
    +        ]
    +
    +
    +def test_directory_traversal_protection(tmp_path: Path, image_names: list[str]):
    +    """Test that the image file storage prevents directory traversal attacks.
    +
    +    There are two safeguards in the `DiskImageFileStorage.get_path` method:
    +    1. Check if the image name contains any directory traversal characters
    +    2. Check if the resulting path is relative to the base folder
    +
    +    This test checks the first safeguard. I'd like to check the second but I cannot figure out a test case that would
    +    pass the first check but fail the second check.
    +    """
    +    image_files_disk = DiskImageFileStorage(tmp_path)
    +    for name in image_names:
    +        with pytest.raises(ValueError, match="Invalid image name, potential directory traversal detected"):
    +            image_files_disk.get_path(name)
    +
    +
    +def test_image_paths_relative_to_storage_dir(tmp_path: Path):
    +    image_files_disk = DiskImageFileStorage(tmp_path)
    +    path = image_files_disk.get_path("foo.png")
    +    assert path.is_relative_to(tmp_path)
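Review bot: the docstring's open question in `test_directory_traversal_protection` (a name that passes the first safeguard but fails the second) has an answer: a bare `".."` survives `Path(filename).name` unchanged, so `basename != filename` is false and the first check is cleared, while `base_folder / ".."` resolves to the parent of the outputs folder and fails `is_relative_to(resolved_base)`. Suggest a case such as `with pytest.raises(ValueError, match="Image path outside outputs folder"): image_files_disk.get_path("..")` so the containment check is exercised and the docstring caveat can be dropped.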
    

