MEDIUM 6.5
GHSA-p58x-7733-vp9m
n8n Directory Traversal vulnerability
Details
The n8n package prior to version 0.216.1 for Node.js allows Directory Traversal.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://nvd.nist.gov/vuln/detail/CVE-2023-27562 [ADVISORY]
- https://github.com/n8n-io/n8n/pull/5522 [WEB]
- https://github.com/n8n-io/n8n/pull/5523 [WEB]
- https://github.com/n8n-io/n8n/commit/40b97846483fe7c58229c156acb66f43a5a79dc3 [WEB]
- https://github.com/n8n-io/n8n/commit/fb07d77106bb4933758c63bbfb87f591bf4a27dd [WEB]
- https://github.com/n8n-io/n8n [PACKAGE]
- https://github.com/n8n-io/n8n/releases/tag/n8n%400.216.1 [WEB]
- https://security.netapp.com/advisory/ntap-20230622-0007 [WEB]
- https://www.synacktiv.com/sites/default/files/2023-05/Synacktiv-N8N-Multiple-Vulnerabilities_0.pdf [WEB]