CVE-2024-12029 – invokeai
Package
Manager: pip
Name: invokeai
Vulnerable Version: >=5.3.1 <5.4.3rc2
Severity
Level: Critical
CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS: 0.43062 (percentile: 0.97407)
Details
InvokeAI Deserialization of Untrusted Data vulnerability
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3rc2.
Metadata
Created: 2025-03-21T15:32:15Z
Modified: 2025-05-20T17:37:16Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/03/GHSA-mcrp-whpw-jp68/GHSA-mcrp-whpw-jp68.json
CWE IDs: ["CWE-502"]
Alternative ID: GHSA-mcrp-whpw-jp68
Finding: F422
Auto approve: 1