GHSA-pr9r-gxgp-9rm8

Source

https://github.com/advisories/GHSA-pr9r-gxgp-9rm8

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/07/GHSA-pr9r-gxgp-9rm8/GHSA-pr9r-gxgp-9rm8.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-pr9r-gxgp-9rm8

Aliases

CVE-2025-49595

Published

2025-07-03T14:06:01Z

Modified

2025-07-03T16:20:44Z

Severity

4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

n8n Vulnerable to Denial of Service via Malformed Binary Data Requests

Details

Summary

Denial of Service vulnerability in /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://).

Impact

This is a Denial of Service (DoS) vulnerability that allows authenticated attackers to cause service unavailability through malformed filesystem URI requests. The vulnerability affects:

The /rest/binary-data endpoint
n8n.cloud instances (confirmed HTTP/2 524 timeout responses)

Attackers can exploit this by sending GET requests with empty filesystem URIs (filesystem:// or filesystem-v2://) to the /rest/binary-data endpoint, causing resource exhaustion and service disruption.

Patches

The issue has been patched in 1.99.0. All users should upgrade to this version or later.

The fix introduces strict checking of URI patterns.

Patch commit: https://github.com/n8n-io/n8n/pull/16229

Database specific

{
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-03T14:06:01Z",
    "nvd_published_at": "2025-07-03T13:15:28Z",
    "cwe_ids": [
        "CWE-400"
    ],
    "severity": "MODERATE"
}

References

Affected packages

npm / n8n

Package

Name: n8n; View open source insights on deps.dev
Purl: pkg:npm/n8n

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.99.0