Lucene search
Veracode Vulnerability DatabaseVERACODE:40544HistoryMay 16, 2023 - 7:02 a.m.
Authentication Bypass
2023-05-1607:02:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
n8n
authentication bypass
vulnerability
auth.ts
information disclosure
0.001 Low
EPSS
Percentile
47.1%
n8n is vulnerable to Authentication Bypass. The vulnerability is due to a lack of authentication in auth.ts when the url contains .svg, resulting in information disclosure.
References
github.com/advisories/GHSA-r9xw-p7wj-w792
github.com/n8n-io/n8n/commit/f58573dba30eba8fe3d844d1b7b2dbbb8d51b8b5
github.com/n8n-io/n8n/pull/5525
github.com/n8n-io/n8n/releases
security.netapp.com/advisory/ntap-20230622-0007/
www.synacktiv.com/sites/default/files/2023-05/Synacktiv-N8N-Multiple-Vulnerabilities_0.pdf
Related
osv
osv
n8n Information Disclosure vulnerability
2023-05-10 15:30:22
CVE-2023-27564
2023-05-10 15:15:09
github
github
n8n Information Disclosure vulnerability
2023-05-10 15:30:22
cvelist
cvelist
CVE-2023-27564
2023-05-10 00:00:00
prion
prion
Information disclosure
2023-05-10 15:15:00
cve
cve
CVE-2023-27564
2023-05-10 15:15:09
nvd
nvd
CVE-2023-27564
2023-05-10 15:15:09