2 matches found
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere due to insufficient restrictions in the Python Code node sandbox. An attacker can access sensitive files or execute arbitra...
CVE-2024-10252
A vulnerability in langgenius/dify versions =v0.9.1 allows for code injection via internal SSRF requests in the Dify sandbox service. This vulnerability enables an attacker to execute arbitrary Python code with root privileges within the sandbox environment, potentially leading to the deletion of...