LOW 3.7

GHSA-fvfv-ppw4-7h2w

n8n has a Guardrail Node Bypass

상세

## Impact An end user interacting with a workflow that uses the Guardrail node could craft an input that bypasses the default guardrail instructions.

## Patches The issue has been fixed in n8n version 2.10.0. Users should upgrade to this version or later to remediate the vulnerability.

## Workarounds If upgrading is not immediately possible, administrators should consider the following temporary mitigations: - Limit access to trusted users. - Review asses the practical impact of guardrail bypasses in your usecase and adjust your workflow accordingly.

These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / n8n

최초 영향 버전: 0 수정 버전: 2.10.0

수정 npm install n8n@2.10.0

참고

https://github.com/n8n-io/n8n/security/advisories/GHSA-fvfv-ppw4-7h2w [WEB]
https://github.com/n8n-io/n8n/commit/8d0251d1deef256fd3d9176f05dedab62afde918 [WEB]
https://github.com/n8n-io/n8n [PACKAGE]
https://github.com/n8n-io/n8n/releases/tag/n8n@2.10.0 [WEB]