CVE-2024-12761: imaginAIry Denial of Service (DoS) vulnerability

March 20, 2025 (updated March 21, 2025)

A Denial of Service (DoS) vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the /api/stablestudio/generate endpoint, which can be exploited by sending an invalid request. This causes the server process to terminate abruptly, outputting KILLED in the terminal, and results in the unavailability of the server. This issue disrupts the server’s functionality, affecting all users.

References

github.com/advisories/GHSA-x5xw-28w4-53j5
github.com/brycedrennan/imaginAIry
huntr.com/bounties/282900f4-2498-42c4-8ce7-ba5368aaf035
nvd.nist.gov/vuln/detail/CVE-2024-12761

Code Behaviors & Features

Detect and mitigate CVE-2024-12761 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →