| Title | ComfyUI v0.3.40 Improperly Controlled Modification of Object Prototype Attribute |
|---|
| Description | ComfyUI is vulnerable to python class pollution vulnerability. When a malicious controlLora model, containing the dotted pollution path in its state dict, is loaded via the controlNet loader, ComfyUI unconditionally patch model parameters based on the polluted key and their value, which can be abused leading to arbitrary internal state modification, thus achieving DoS attack. |
|---|
| Source | ⚠️ https://gist.github.com/superboy-zjc/f71b84ed074260a5e459581caa2f1fb2 |
|---|
| User | Gavin Zhong (UID 84092) |
|---|
| Submission | 06/05/2025 21:12 (1 Year ago) |
|---|
| Moderation | 06/15/2025 11:47 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 312576 [comfyanonymous comfyui 0.3.40 /comfy/utils.py set_attr dynamically-determined object attributes] |
|---|
| Points | 19 |
|---|