=====================================================================

                            CERT-Renater

                Information Note No. 2025/VULN847
_____________________________________________________________________

DATE                : 12/12/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running n8n versions prior
                           to 1.119.2.

=====================================================================
https://github.com/n8n-io/n8n/security/advisories/GHSA-wpqc-h9wp-chmq
_____________________________________________________________________


Remote Code Execution via Git Node Custom Pre-Commit Hook
Critical
csuermann published GHSA-wpqc-h9wp-chmq Dec 8, 2025

Package
n8n (npm)

Affected versions
>= 0.123.1 <1.119.2

Patched versions
1.119.2


Description
Impact

The n8n Git node allows workflows to set arbitrary Git configuration
values through the Add Config operation. When an attacker-controlled
workflow sets core.hooksPath to a directory within the cloned
repository containing a Git hook such as pre-commit, Git executes
that hook during subsequent Git operations. Because Git hooks run as
local system commands, this behavior can lead to arbitrary command
execution on the underlying n8n host.

Successful exploitation requires the ability to create or modify an
n8n workflow that uses the Git node.

Affected versions: ≥ 0.123.1 and < 1.119.2


Patches

This issue has been patched in n8n version 1.119.2.

All users running affected versions should upgrade to 1.119.2 or
later.


Workarounds

If upgrading is not immediately possible, the following mitigations
can reduce exposure:

    Exclude the Git node (Docs).
    Avoid cloning or interacting with untrusted repositories using
    the Git node.
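As an added example (not part of the advisory and not n8n's own code), the following Node.js script audits an exported n8n workflow JSON for Git nodes that set the core.hooksPath key named above, which lets an operator find workflows that need review before the upgrade. The node type id 'n8n-nodes-base.git', the 'addConfig' operation name and the parameter field names are assumptions, so the scan walks every string under a node's parameters instead of relying on exact field names; the sample workflow is constructed for the demonstration.

```javascript
// Added example: scan an exported n8n workflow for Git nodes that set
// core.hooksPath (GHSA-wpqc-h9wp-chmq). Assumed (not from the advisory):
// the Git node type id and the shape of node.parameters.
const GIT_NODE_TYPE = 'n8n-nodes-base.git'; // assumed type id

// Git config section and variable names are case-insensitive, so the
// deny list is kept lower-case and every candidate key is folded before
// comparison. Operators can extend this list with other keys that cause
// Git to run external programs.
const DENIED_CONFIG_KEYS = new Set(['core.hookspath']);

// Collect every string value found anywhere under a node's parameters,
// so the check does not depend on the exact parameter field names.
function collectStrings(value, out = []) {
  if (typeof value === 'string') {
    out.push(value);
  } else if (Array.isArray(value)) {
    value.forEach((v) => collectStrings(v, out));
  } else if (value && typeof value === 'object') {
    Object.values(value).forEach((v) => collectStrings(v, out));
  }
  return out;
}

// Returns one finding per Git node that references a denied config key.
function findDeniedGitConfig(workflow) {
  const findings = [];
  for (const node of workflow.nodes || []) {
    if (node.type !== GIT_NODE_TYPE) continue;
    for (const s of collectStrings(node.parameters)) {
      if (DENIED_CONFIG_KEYS.has(s.trim().toLowerCase())) {
        findings.push({ node: node.name, key: s.trim() });
      }
    }
  }
  return findings;
}

// Constructed sample export: one benign clone, one Git node setting
// core.hooksPath via an assumed 'addConfig' operation, one non-Git node.
const SAMPLE_WORKFLOW = {
  name: 'sample-workflow',
  nodes: [
    { name: 'Clone', type: GIT_NODE_TYPE,
      parameters: { operation: 'clone', sourceRepository: 'https://example.invalid/r.git' } },
    { name: 'Set hooks', type: GIT_NODE_TYPE,
      parameters: { operation: 'addConfig', key: 'Core.HooksPath', value: '.githooks' } },
    { name: 'Notify', type: 'n8n-nodes-base.httpRequest',
      parameters: { url: 'https://example.invalid/notify' } },
  ],
};

console.log(JSON.stringify(findDeniedGitConfig(SAMPLE_WORKFLOW)));
```

Run it against real exports with `node audit.js` after replacing SAMPLE_WORKFLOW with `JSON.parse(fs.readFileSync(path))`; any finding is a workflow to review or disable until the host runs 1.119.2.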


Severity
Critical (9.4 / 10)

CVSS v4 base metrics

Exploitability Metrics
    Attack Vector       : Network
    Attack Complexity   : Low
    Attack Requirements : None
    Privileges Required : Low
    User Interaction    : None

Vulnerable System Impact Metrics
    Confidentiality     : High
    Integrity           : High
    Availability        : High

Subsequent System Impact Metrics
    Confidentiality     : High
    Integrity           : High
    Availability        : High

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CVE ID
CVE-2025-65964

Weaknesses
Weakness CWE-829

Credits

    @Malayke (Finder)



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================