PyPI package
invokeai
pkg:pypi/invokeai
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-6237 | Cri | 9.8 | < 6.7.0 | 6.7.0 | Sep 18, 2025 | A vulnerability in invokeai version v6.0.0a1 and below allows attackers to perform path traversal and arbitrary file deletion via the GET /api/v1/images/download/{bulk_download_item_name} endpoint. By manipulating the filename arguments, attackers can read and delete any files on | |
| CVE-2024-12029 | Cri | 9.8 | >= 5.3.1, < 5.4.3rc2 | 5.4.3rc2 | Mar 20, 2025 | A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedd | |
| CVE-2024-11043 | Hig | 7.5 | <= 5.0.2 | — | Mar 20, 2025 | A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessively large payload is sent in the board_name field during a PATCH request. By sending a large payload, t | |
| CVE-2024-11042 | Cri | 9.1 | < 5.3.0rc1 | 5.3.0rc1 | Mar 20, 2025 | In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH | |
| CVE-2024-10821 | Hig | 7.5 | <= 5.0.2 | — | Mar 20, 2025 | A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of |
- affected < 6.7.0fixed 6.7.0
A vulnerability in invokeai version v6.0.0a1 and below allows attackers to perform path traversal and arbitrary file deletion via the GET /api/v1/images/download/{bulk_download_item_name} endpoint. By manipulating the filename arguments, attackers can read and delete any files on
- affected >= 5.3.1, < 5.4.3rc2fixed 5.4.3rc2
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedd
- affected <= 5.0.2
A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessively large payload is sent in the board_name field during a PATCH request. By sending a large payload, t
- affected < 5.3.0rc1fixed 5.3.0rc1
In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH
- affected <= 5.0.2
A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of