VYPR
Vendor

ComfyUI Ace Nodes

Products
1
CVEs
1
Across products
1
Status
Private

Products

1

Recent CVEs

1
  • CVE-2024-21577CriDec 13, 2024
    risk 0.65cvss 10.0epss 0.01

    ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval() in its entrypoint function that accepts arbitrary user-controlled data. A user can create a workflow that results in executing arbitrary code on the server.