
comfy-org/comfyui

https://github.com/Comfy-Org/ComfyUI · lang: python · source: user_submitted

Quality: 80.4 (Grade A-)
Security: 100.0
Findings: 51 (0 critical · 7 high · 11 medium · 33 low)
Status: completed · May 17, 2026 20:33
Top rules by occurrence

Rule    Severity  Count  Description
AIC003  low       30     Duplicated implementation block across source files
ERR001  info      3      [ERR001] Silent Exception Swallowing (and 2 more): Same pat…
SEC013  high      3      Path Traversal — User Input in File Path
SEC029  high      3      Server-Side Request Forgery (SSRF) — outbound HTTP from use…
SEC034  medium    2      Log Injection / Log Forging — unsanitized user input in log
WEB005  low       1      robots.txt does not advertise a sitemap
AUC006  info      1      [AUC006] OpenAPI security contract should be reviewed: Open…
AIC002  low       1      Source file name looks like an AI patch artifact
WEB003  medium    1      Public web service has no security.txt
SEC032  high      1      Unrestricted File Upload — no extension/MIME validation
First 51 findings (severity-sorted)

high    SEC013  Path Traversal — User Input in File Path
  comfy_api_nodes/util/conversions.py:332 · conf 0.80
  User-controlled input used in file path without sanitization. Allows reading arbitrary files.

high    SEC013  Path Traversal — User Input in File Path
  comfy_extras/nodes_dataset.py:32 · conf 0.80
  User-controlled input used in file path without sanitization. Allows reading arbitrary files.

high    SEC013  Path Traversal — User Input in File Path
  comfy_extras/nodes_load_3d.py:18 · conf 0.80
  User-controlled input used in file path without sanitization. Allows reading arbitrary files.

high    SEC029  Server-Side Request Forgery (SSRF) — outbound HTTP from user input
  app/frontend_management.py:127 · conf 1.00
  Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.25…

high    SEC029  Server-Side Request Forgery (SSRF) — outbound HTTP from user input
  comfy_api_nodes/apis/__init__.py:92 · conf 1.00
  Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.25…

high    SEC029  Server-Side Request Forgery (SSRF) — outbound HTTP from user input
  comfy/k_diffusion/utils.py:42 · conf 1.00
  Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.25…

high    SEC032  Unrestricted File Upload — no extension/MIME validation
  comfy/k_diffusion/utils.py:289 · conf 1.00
  File upload accepts the user's filename without validating extension, content-type, or magic bytes. Attackers upload `.php`, `.jsp`, …

medium  AGT012  Agent control bridge may listen on a network interface without visible auth
  main.py:22 · conf 0.72

medium  AUC006  OpenAPI security contract should be reviewed: OpenAPI or Swagger files were found. Repobility can compare declared security requirements against discovered route handlers.
  conf 0.86
  OpenAPI spec has no visible security contract: OpenAPI or Swagger files were found, but no security schemes or operation security requirements were detected.

medium  ERR001  Silent Exception Swallowing (and 2 more): Same pattern found in 2 additional files. Review if needed.
  app/assets/api/schemas_in.py:297 · conf 1.00
  Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.

medium  ERR001  Silent Exception Swallowing (and 2 more): Same pattern found in 2 additional files. Review if needed.
  app/assets/seeder.py:467 · conf 1.00
  Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.

medium  ERR001  Silent Exception Swallowing (and 2 more): Same pattern found in 2 additional files. Review if needed.
  .ci/update_windows/update.py:70 · conf 1.00
  Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.

medium  SEC011  Unsafe PyTorch Model Loading
  comfy_extras/nodes_dataset.py:1480 · conf 1.00
  torch.load() uses pickle internally and can execute arbitrary code from untrusted model files.

medium  SEC012  ZipSlip — Archive Path Traversal
  app/frontend_management.py:194 · conf 1.00
  Archive extraction without path validation allows writing files outside the target directory.

medium  SEC014  SSL Verification Disabled
  server.py:1240 · conf 1.00
  SSL certificate verification is disabled, allowing man-in-the-middle attacks.

medium  SEC034  Log Injection / Log Forging — unsanitized user input in log
  app/user_manager.py:245 · conf 1.00
  User input is logged without sanitizing newlines or control characters. Attackers inject `\n` to forge fake log entries, hide tra…

medium  SEC034  Log Injection / Log Forging — unsanitized user input in log
  main.py:129 · conf 1.00
  User input is logged without sanitizing newlines or control characters. Attackers inject `\n` to forge fake log entries, hide tra…

medium  WEB003  Public web service has no security.txt
  .well-known/security.txt · conf 0.78

low     AIC002  Source file name looks like an AI patch artifact
  comfy/ldm/rt_detr/rtdetr_v4.py:1 · conf 0.62
low     AIC003  Duplicated implementation block across source files (30 findings, each conf 0.86)
  alembic_db/versions/0002_merge_to_asset_references.py:181
  comfy/ldm/cascade/common.py:4
  comfy/ldm/cascade/controlnet.py:1
  comfy/ldm/cascade/stage_a.py:1
  comfy/ldm/cascade/stage_a.py:4
  comfy/ldm/cascade/stage_b.py:1
  comfy/ldm/cascade/stage_c_coder.py:1
  comfy/ldm/cascade/stage_c_coder.py:4
  comfy/ldm/cascade/stage_c.py:1
  comfy/ldm/cascade/stage_c.py:4
  comfy/ldm/cascade/stage_c.py:5
  comfy/ldm/cascade/stage_c.py:54
  comfy/ldm/chroma_radiance/model.py:39
  comfy/ldm/cosmos/predict2.py:205
  comfy/ldm/cosmos/predict2.py:642
  comfy/ldm/hunyuan3d/model.py:95
  comfy/ldm/hunyuan_video/model.py:344
  comfy/ldm/hydit/models.py:107
  comfy/ldm/modules/diffusionmodules/openaimodel.py:376
  comfy/ldm/modules/distributions/distributions.py:1
  comfy/ldm/wan/model_animate.py:311
  comfy/ldm/wan/model_wandancer.py:128
  comfy/ldm/wan/model_wandancer.py:164
  comfy/lora.py:1
  comfy/supported_models_base.py:1
  comfy/text_encoders/qwen_image.py:21
  comfy/text_encoders/qwen_image.py:51
  comfy/weight_adapter/base.py:215
  comfy/weight_adapter/glora.py:42
  comfy/weight_adapter/glora.py:43
low     AIC005  Duplicate top-level symbol appears in a patch-style file
  comfy/ldm/rt_detr/rtdetr_v4.py:1 · conf 0.64

low     WEB005  robots.txt does not advertise a sitemap
  .github/workflows/release-webhook.yml · conf 0.74
