search

invoke-ai / InvokeAI

Invoke is a leading creative engine for Stable Diffusion models, empowering professionals, artists, and enthusiasts to generate and create visual media using the latest AI-driven technologies. The solution offers an industry leading WebUI, and serves as the foundation for multiple commercial products.
https://invoke-ai.github.io/InvokeAI/
Apache License 2.0
23.75k stars 2.44k forks source link

Security Policy #7375

Open jackfromeast opened 13 hours ago

jackfromeast commented 13 hours ago

Is there an existing issue for this?

Contact Details

No response

What should this feature add?

Hi, InvokeAI maintainers!

We have found a critical vulnerability in InvokeAI. Could you set up a security policy for this repository to support responsible reporting of security issues?

Instructions can be found at: https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository

Thank you!

Alternatives

No response

Additional Content

No response

ausbitbank commented 3 hours ago

I'm not invoke staff, but I'm pretty keen to learn more about this. Are you able to share the gist (without revealing full exploit details obviously) or -> invoke@ausbit.dev