hay86/ComfyUI_AceNodes

Releases0

Stars96

Some useful custom nodes that are not included in ComfyUI core yet

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-21577 ↗	Dec 13, 2024Friday, 13 December 2024, 12:15	10 CRITICAL	—
ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval() in its entrypoint function that accepts arbitrary user-controlled data. A user can create a workflow that results in executing arbitrary code on the server.