CVE-2024-12761

Summary

A Denial of Service (DoS) vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the /api/stablestudio/generate endpoint, which can be exploited by sending an invalid request. This causes the server process to terminate abruptly, outputting KILLED in the terminal, and results in the unavailability of the server. This issue disrupts the server's functionality, affecting all users.

Affected Software

VendorProductVersion RangeStatus
brycedrennanbrycedrennan/imaginairyunspecified <= latestaffected

Weaknesses

  • CWE-400: CWE-400 Uncontrolled Resource Consumption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References