Nickcopi

**Name of the Vulnerable Software and Affected Versions** n8n versions prior to 1.123.17 n8n versions prior to 2.5.2 **Description** n8n is an open-source workflow automation platform. An authenticated user with permission to create or modify workflows can exploit crafted expressions in workflow parameters to trigger system command execution on the host running n8n. This allows for potential full server compromise, including the theft of API keys, credentials, and secrets. The issue stems from an expression escape vulnerability and incomplete AST-based sanitization. Public exploits are available. **Recommendations** Upgrade to n8n version 1.123.17 or later. Upgrade to n8n version 2.5.2 or later. As a temporary workaround, limit workflow creation and editing permissions to fully trusted users only. Deploy n8n in a hardened environment with restricted operating system privileges and network access.

**Name of the Vulnerable Software and Affected Versions** Shields.io versions prior to server-2024-09-25 **Description** The issue concerns a remote execution vulnerability via the JSONPath library used by the Dynamic JSON/Toml/Yaml badges. This vulnerability allows any user with access to make a request to a URL on the instance to execute code by crafting a malicious JSONPath expression. All users who self-host an instance are vulnerable. The problem was fixed in version server-2024-09-25. **Recommendations** For versions prior to server-2024-09-25, update to server-2024-09-25 or later. As a temporary workaround, consider blocking access to the endpoints "/badge/dynamic/json", "/badge/dynamic/toml", and "/badge/dynamic/yaml" (e.g., via a firewall or reverse proxy in front of your instance) to prevent the exploitable endpoints from being accessed. For those who follow the rolling tag on DockerHub, update to the latest version by running `docker pull shieldsio/shields:next`.