Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-vv9c-xxg7-wmv7
  • PyPI/invokeai
 InvokeAI has External Control of File Name or Path 18 Sep 2025
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-mcrp-whpw-jp68
  • PyPI/invokeai
 InvokeAI Deserialization of Untrusted Data vulnerability 21 Mar 2025
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-227r-w5j2-6243
  • PyPI/invokeai
 InvokeAI Arbitrary File Deletion vulnerability 20 Mar 2025
  • Fix available
  • Severity - 9.1 (Critical)
GHSA-ffh5-w482-c7m5
  • PyPI/invokeai
 InvokeAI Uncontrolled Resource Consumption vulnerability 20 Mar 2025
  • No fix available
  • Severity - 7.5 (High)
GHSA-6f6x-f56q-5xgv
  • PyPI/invokeai
 InvokeAI has Denial of Service (DoS) vulnerability in `/api/v1/images/upload` 20 Mar 2025
  • No fix available
  • Severity - 7.5 (High)
PYSEC-2025-9
  • PyPI/invokeai
  • github.com/invoke-ai/invokeai
 See record for full details 20 Mar 2025
  • Fix available