CVE-2024-12375

Medium CVSS: 6.5

A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui, affecting version git 82a973c. This vulnerability allows an attacker to read arbitrary files on the system by sending a specially crafted request to the application.

Vendor

Automatic1111

Product

Stable-diffusion-webui

CWE

CWE-36

Yayın Tarihi

2025-03-20 10:15:27

Güncelleme

2025-10-30 15:21:43

Source Identifier

security@huntr.dev

KEV Date Added

Kategoriler

CWE-36 Stable-diffusion-webui MEDIUM Automatic1111 2025

Referanslar

https://huntr.com/bounties/21952043-395f-4cd3-9374-b73ab9612f27

Benzer Kayıtlar

Medium

CVE-2024-12074

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webu…

Medium

CVE-2024-12374

A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An…

Medium

CVE-2024-11044

An open redirect vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows a remote unauthenticated at…

Critical

CVE-2024-11045

A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows an…

High

CVE-2024-10935

automatic1111/stable-diffusion-webui version 1.10.0 contains a vulnerability where the server fails to handle excessive…