Vulnerability	Vulnerable Version
H Missing Authorization n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Missing Authorization over the `/rest/executions/:id/stop` endpoint, which can execute stop a workflow operation on workflows not owned by the user. Long-running and time-sensitive workflows are particularly vulnerable. How to fix Missing Authorization? Upgrade `n8n` to version 1.99.1 or higher.	<1.99.1
M Uncaught Exception n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Uncaught Exception via the `/rest/binary-data` endpoint when handling empty filesystem URIs. An authenticated attacker can cause resource exhaustion and disrupt service availability by sending specially crafted GET requests with empty `filesystem://` or `filesystem-v2://` URIs to the affected endpoint. How to fix Uncaught Exception? Upgrade `n8n` to version 1.99.0 or higher.	<1.99.0

Missing Authorization

n8n is a n8n Workflow Automation Tool

Affected versions of this package are vulnerable to Missing Authorization over the /rest/executions/:id/stop endpoint, which can execute stop a workflow operation on workflows not owned by the user. Long-running and time-sensitive workflows are particularly vulnerable.

How to fix Missing Authorization?

Upgrade n8n to version 1.99.1 or higher.

<1.99.1

Uncaught Exception

n8n is a n8n Workflow Automation Tool

Affected versions of this package are vulnerable to Uncaught Exception via the /rest/binary-data endpoint when handling empty filesystem URIs. An authenticated attacker can cause resource exhaustion and disrupt service availability by sending specially crafted GET requests with empty filesystem:// or filesystem-v2:// URIs to the affected endpoint.

How to fix Uncaught Exception?

Upgrade n8n to version 1.99.0 or higher.

<1.99.0

Go back to all versions of this package