From a223734a4a781834bee1a1484dffc47c56e8d50e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E0=A4=95=E0=A4=BE=E0=A4=B0=E0=A4=A4=E0=A5=8B=E0=A4=AB?= =?UTF-8?q?=E0=A5=8D=E0=A4=AB=E0=A5=87=E0=A4=B2=E0=A4=B8=E0=A5=8D=E0=A4=95?= =?UTF-8?q?=E0=A5=8D=E0=A4=B0=E0=A4=BF=E0=A4=AA=E0=A5=8D=E0=A4=9F=E2=84=A2?= Date: Thu, 7 Sep 2023 10:25:59 +0200 Subject: [PATCH] fix(core): Disable Node.js custom inspection to address CVE-2023-37903 (#7125) This seems like a better fix than #7122 --- packages/cli/bin/n8n | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/packages/cli/bin/n8n b/packages/cli/bin/n8n index 1f81419a84..c0dc619251 100755 --- a/packages/cli/bin/n8n +++ b/packages/cli/bin/n8n @@ -32,6 +32,10 @@ if (![18, 20].includes(nodeVersionMajor)) { // Prevent oclif from loading ts-node and typescript process.env.OCLIF_TS_NODE = '0'; +// Disable nodejs custom inspection across the app +const { inspect } = require('util'); +inspect.defaultOptions.customInspect = false; + require('express-async-errors'); require('source-map-support').install(); require('reflect-metadata');