automatic1111 Stable Diffusion WebUI Denial-of-Service Vulnerability in File Upload Feature

Vulnerability

A denial-of-service vulnerability has been identified in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. This issue arises from improper handling of form-data containing large filenames in upload requests. When a payload with an excessively large filename is sent, the server becomes overwhelmed and unresponsive, causing a disruption in service for legitimate users. The vulnerability can be exploited without authentication, which enhances its scalability and potential impact.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the server to become unresponsive and unavailable to legitimate users.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

automatic1111 Stable Diffusion WebUI Denial-of-Service Vulnerability in File Upload Feature

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating