Impact
n8n is an open source workflow automation platform. Prior to versions 1.123.48, 2.21.8, and 2.22.4, a user authenticated with workflow‑creation privileges could specify a local filesystem path as the source repository in the Git node’s Clone operation, or as the target repository in the Push operation, bypassing the N8N_RESTRICT_FILE_ACCESS_TO file sandbox. This allowed any local Git repository accessible to the n8n process to be cloned into an allowed path and its contents read, circumventing the sandbox’s intended file‑access restrictions. The flaw effectively permits the victim to read arbitrary files on the host, including configuration or secret files, and is a classic directory traversal vulnerability (CWE‑22).
Affected Systems
The issue affects n8n installations running versions prior to 1.123.48, 2.21.8, or 2.22.4 released by n8n-io.
Risk and Exploitability
The CVSS score of 6 indicates medium severity, and the EPSS score is not available, suggesting no known high exploitation probability. The vulnerability is not listed in CISA’s KEV catalog. An attacker must first obtain authenticated access with workflow-creation privileges, after which they can craft a workflow to read sensitive files via the Git node, potentially exfiltrating the data. The risk is therefore moderate and limited to the scope of the n8n host environment.
OpenCVE Enrichment
Github GHSA