VYPR

ComfyUI-Ace-Nodes

by ComfyUI Ace Nodes

CVEs (1)

  • CVE-2024-21577CriDec 13, 2024
    risk 0.65cvss 10.0epss 0.01

    ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval() in its entrypoint function that accepts arbitrary user-controlled data. A user can create a workflow that results in executing arbitrary code on the server.