n8n is Vulnerable to OS Command Injection in Git Node

n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. This issue has been patched in versions 1.123.10 and 2.5.0.

N/A

OS命令中使用的特殊元素转义处理不恰当(OS命令注入)

n8n 操作系统命令注入漏洞

n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n 1.123.10之前版本和2.5.0之前版本存在操作系统命令注入漏洞，该漏洞源于Git节点存在漏洞，可能导致执行任意系统命令或读取任意文件。

N/A

N/A