n8n Python Code Node Sandbox Escape Vulnerability

Vulnerability

A vulnerability in the Code node of n8n, an open-source workflow automation platform, allows an authenticated user to escape the Python sandbox. It affects versions prior to 2.4.8 and permits code to run outside the intended security boundary. It is reachable only when Task Runners are enabled, Python execution is allowed, and the Code node is in use. In deployments where Task Runners run in external mode the impact is reduced, because the escape is confined to the runner's sidecar container rather than the n8n instance itself.

Impact

Exploitation allows unauthorized code execution outside the Python sandbox, potentially leading to arbitrary code execution on the host running n8n (or, with external Task Runners, within the sidecar container).

Remediation

Upgrade to n8n version 2.4.8 or later. If an immediate upgrade is not possible, disable the Code node by adding 'n8n-nodes-base.code' to the 'NODES_EXCLUDE' environment variable (a JSON array of node types). Deployments using Task Runners should also switch to external mode, which executes untrusted code in a separate sidecar container so that an escape stays in that container and the risk of memory disclosure is reduced. For details, consult the n8n documentation on Task Runners and on blocking nodes.
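As an added example, not code from n8n or from this advisory, the following script applies the remediation checklist above to a deployment's version string and environment. It assumes the documented names NODES_EXCLUDE (a JSON array of node types) and N8N_RUNNERS_MODE (internal or external); the 2.4.8 threshold comes from the advisory, and the sample environments at the bottom are constructed for illustration. It assumes the advisory's preconditions (Task Runners enabled, Python allowed) already hold, so it does not try to detect them.

```python
"""
Assess an n8n deployment against the Python Code node sandbox escape.
Added example, not n8n project code. Environment variable names
NODES_EXCLUDE and N8N_RUNNERS_MODE are the documented ones; the fixed
version 2.4.8 is taken from the advisory; sample inputs are constructed.
"""
import json
import re

FIXED_VERSION = (2, 4, 8)            # first release with the fix
CODE_NODE = "n8n-nodes-base.code"    # node type to put in NODES_EXCLUDE


def parse_version(version: str) -> tuple:
    """Turn '2.4.8' or 'v2.4.8-rc1' into a comparable tuple (2, 4, 8)."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError("unrecognised n8n version string: %r" % version)
    return tuple(int(x) for x in m.groups())


def excluded_nodes(env: dict) -> list:
    """NODES_EXCLUDE is a JSON array of node types; unset or malformed
    values are treated as 'nothing excluded' (fail closed on the check)."""
    raw = env.get("NODES_EXCLUDE", "")
    if not raw:
        return []
    try:
        value = json.loads(raw)
    except json.JSONDecodeError:
        return []
    return [str(v) for v in value] if isinstance(value, list) else []


def assess(version: str, env: dict) -> dict:
    """Return a status plus the individual observations behind it.

    patched    - running 2.4.8 or later
    mitigated  - vulnerable version, but the Code node is excluded
    reduced    - vulnerable version, Code node usable, external runners
    vulnerable - vulnerable version, Code node usable, internal runners
    """
    patched = parse_version(version) >= FIXED_VERSION
    code_node_disabled = CODE_NODE in excluded_nodes(env)
    external_runners = env.get("N8N_RUNNERS_MODE", "internal").lower() == "external"

    if patched:
        status = "patched"
    elif code_node_disabled:
        status = "mitigated"
    elif external_runners:
        status = "reduced"
    else:
        status = "vulnerable"
    return {
        "status": status,
        "patched": patched,
        "code_node_disabled": code_node_disabled,
        "external_runners": external_runners,
    }


def recommended_env() -> dict:
    """Environment settings for the interim mitigation described above."""
    return {
        "NODES_EXCLUDE": json.dumps([CODE_NODE]),
        "N8N_RUNNERS_MODE": "external",
    }


if __name__ == "__main__":
    # Constructed sample deployments, not real data.
    samples = [
        ("2.4.7", {}),
        ("2.4.7", {"NODES_EXCLUDE": '["n8n-nodes-base.code"]'}),
        ("2.4.7", {"N8N_RUNNERS_MODE": "external"}),
        ("2.4.8", {}),
    ]
    for ver, env in samples:
        print(ver, env, "->", assess(ver, env)["status"])
    print("interim mitigation:", recommended_env())
```

Run it against the output of `n8n --version` and the container's environment; anything other than "patched" or "mitigated" on a 2.x deployment that allows Python in the Code node should be treated as an open finding.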

Added: Feb 4, 2026, 5:22 PM
Updated: Feb 4, 2026, 5:22 PM

Vulnerability Rating

Custom Algorithm

spread          5.7
impact         10.0
exploitability  4.9
remediation     8.3
relevance       2.7
threat          0.0
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.