pkg:PyPI/invokeai

All known vulnerabilities

• CRITICAL9.8CVE-2025-6237InvokeAI has External Control of File Name or Path
  from 0, < 6.7.0
• CRITICAL9.8CVE-2024-12029InvokeAI Deserialization of Untrusted Data vulnerability
  >= 5.3.1, < 5.4.3rc2
• CRITICAL9.8CVE-2024-12029InvokeAI Deserialization of Untrusted Data vulnerability
  from 0, < 756008dc5899081c5aa51e5bd8f24c1b3975a59e | >= 5.3.1, < 5.4.3rc1
• CRITICAL9.1CVE-2024-11042InvokeAI Arbitrary File Deletion vulnerability
  from 0, < 5.3.0rc1
• HIGH7.5CVE-2024-11043InvokeAI Uncontrolled Resource Consumption vulnerability
  from 0, <= 5.0.2
• HIGH7.5CVE-2024-10821InvokeAI has Denial of Service (DoS) vulnerability in `/api/v1/images/upload`
  from 0, <= 5.0.2