Vulnerabilities fixed in n8n

n8n has fixed vulnerabilities in versions 1.114.3, 1.115.0, 1.123.17, 2.5.2, 1.122.5, 1.123.2, 1.123.18, 2.5.0, 1.123.10, 2.5.0, 2.2.1, 1.123.9, 1.123.12, 2.4.0, 1.118.0, 2.4.0, 2.4.8, and 1.120.3. The vulnerabilities include the use of Buffer.allocUnsafe and Buffer.allocUnsafeSlow, which can lea...

CVE-2025-61917

n8n is an open source workflow automation platform. From version 1.65.0 to before 1.114.3, the use of Buffer.allocUnsafe and Buffer.allocUnsafeSlow in the task runner allowed untrusted code to allocate uninitialized memory. Such uninitialized buffers could contain residual data from within the sa...

SUSE CVE-2018-12361

An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird 60, Firefox ESR 60.1...

Remote Memory Exposure

Overview dns-packet is an An abstract-encoding compliant module for encoding / decoding DNS packets Affected versions of this package are vulnerable to Remote Memory Exposure. It creates buffers with allocUnsafe and does not always fill them before forming network packets. This can expose interna...

KLA10315 Multiple vulnerabilities in SUPERAntiSpyware

Multiple serious vulnerabilities have been found in SUPERAntiSpyware. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code and gain privileges. Below is a complete list of vulnerabilities 1. Unsafe buffers, function parameter handling, unsafe pointe...