services:
  n8n:
    image: n8nio/n8n:1.112.0  # Vulnerable version (< 1.113.0)
    container_name: n8n-vulnerable-cve-2025-62726
    restart: unless-stopped
    ports:
      - "5678:5678"
    environment:
      - N8N_BASIC_AUTH_ACTIVE=true
      - N8N_BASIC_AUTH_USER=admin
      - N8N_BASIC_AUTH_PASSWORD=admin123
      - N8N_HOST=localhost
      - N8N_PORT=5678
      - N8N_PROTOCOL=http
      - WEBHOOK_URL=http://localhost:5678/
      # Intentionally NOT setting N8N_GIT_NODE_DISABLE_BARE_REPOS
      - GENERIC_TIMEZONE=America/New_York
    volumes:
      - n8n_data:/home/node/.n8n

volumes:
  n8n_data:
    driver: local