Automatic1111 Stable-diffusion-webui
7 CVEs affecting Automatic1111 Stable-diffusion-webui. Latest disclosed: 2025-03-20. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-11045 | Critical | 9.6 | 2025-03-20 | A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows an attacker to clone a malicious server ex… |
CVE-2024-10935 | High | 7.5 | 2025-03-20 | automatic1111/stable-diffusion-webui version 1.10.0 contains a vulnerability where the server fails to handle excessive characters appended to the end of multi… |
CVE-2024-12375 | Medium | 6.5 | 2025-03-20 | A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui, affecting version git 82a973c. This vulnerability allows an attack… |
CVE-2024-12074 | Medium | 6.5 | 2025-03-20 | A Denial of Service (DoS) vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. The vulnerability is… |
CVE-2024-31462 | Medium | 6.3 | 2024-04-12 | stable-diffusion-webui is a web interface for Stable Diffusion, implemented using Gradio library. Stable-diffusion-webui 1.7.0 is vulnerable to a limited file… |
CVE-2024-12374 | Medium | 6.1 | 2025-03-20 | A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, whic… |
CVE-2024-11044 | Medium | 6.1 | 2025-03-20 | An open redirect vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows a remote unauthenticated attacker to redirect users to arbitrary w… |