b9dfb86260
Security hardening release addressing CodeQL and Dependabot alerts: - Fix stack trace exposure in error responses - Add SSRF protection with DNS resolution checking - Implement proper URL hostname validation (replaces substring matching) - Add centralized path sanitization to prevent path traversal - Fix ReDoS vulnerability in email validation regex - Improve HTML sanitization in validation utilities - Fix capability wildcard matching in auth utilities - Update glob dependency to address CVE - Add CodeQL suppression comments for verified false positives 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
37 lines
885 B
Markdown
37 lines
885 B
Markdown
# Security Policy
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you discover a security vulnerability in GT AI OS, please report it responsibly.
|
|
|
|
**Contact:** [Contact Us](https://gtedge.ai/contact-us)
|
|
|
|
### Required Information
|
|
|
|
When reporting a vulnerability, please include:
|
|
- Description of the vulnerability
|
|
- Steps to reproduce (if applicable)
|
|
- Potential impact assessment
|
|
- Suggested remediation (optional)
|
|
|
|
|
|
### Responsible Disclosure
|
|
|
|
- Please allow reasonable time to address the issue before any public disclosure
|
|
|
|
## Supported Versions
|
|
|
|
| Version | Security Updates |
|
|
|---------|------------------|
|
|
| Latest release | Supported |
|
|
| Previous releases | Not supported |
|
|
|
|
|
|
## Security Best Practices
|
|
|
|
To maintain a secure installation:
|
|
- Keep GT AI OS updated to the latest version
|
|
- Keep Docker and your operating system updated
|
|
- Use strong, unique passwords
|
|
- Do not share credentials
|