CVE-2024-12074

Name of the Vulnerable Software and Affected Versions automatic1111/stable-diffusion-webui version 1.10.0

Description A Denial of Service (DoS) vulnerability exists in the file upload feature. The issue is due to improper handling of form-data with a large filename in the file upload request. Sending a payload with an excessively large filename overwhelms the server, causing unresponsiveness and unavailability for legitimate users. This issue can be exploited without authentication, making it highly scalable.

Recommendations automatic1111/stable-diffusion-webui version 1.10.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.