GT AI OS Community Edition v2.0.33
Security hardening release addressing CodeQL and Dependabot alerts: - Fix stack trace exposure in error responses - Add SSRF protection with DNS resolution checking - Implement proper URL hostname validation (replaces substring matching) - Add centralized path sanitization to prevent path traversal - Fix ReDoS vulnerability in email validation regex - Improve HTML sanitization in validation utilities - Fix capability wildcard matching in auth utilities - Update glob dependency to address CVE - Add CodeQL suppression comments for verified false positives 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
HackWeasel
36
SECURITY.md
Normal file
36
SECURITY.md
Normal file
@@ -0,0 +1,36 @@
|
||||
# Security Policy
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
If you discover a security vulnerability in GT AI OS, please report it responsibly.
|
||||
|
||||
**Contact:** [Contact Us](https://gtedge.ai/contact-us)
|
||||
|
||||
### Required Information
|
||||
|
||||
When reporting a vulnerability, please include:
|
||||
- Description of the vulnerability
|
||||
- Steps to reproduce (if applicable)
|
||||
- Potential impact assessment
|
||||
- Suggested remediation (optional)
|
||||
|
||||
|
||||
### Responsible Disclosure
|
||||
|
||||
- Please allow reasonable time to address the issue before any public disclosure
|
||||
|
||||
## Supported Versions
|
||||
|
||||
| Version | Security Updates |
|
||||
|---------|------------------|
|
||||
| Latest release | Supported |
|
||||
| Previous releases | Not supported |
|
||||
|
||||
|
||||
## Security Best Practices
|
||||
|
||||
To maintain a secure installation:
|
||||
- Keep GT AI OS updated to the latest version
|
||||
- Keep Docker and your operating system updated
|
||||
- Use strong, unique passwords
|
||||
- Do not share credentials
|
||||
Reference in New Issue
Block a user