GitHub Actions
e0f69cdfc8
feat(security): comprehensive SSRF protection implementation
BREAKING CHANGE: UpdateService.SetAPIURL() now returns error
Implements defense-in-depth SSRF protection across all user-controlled URLs:
Security Fixes:
- CRITICAL: Fixed security notification webhook SSRF vulnerability
- CRITICAL: Added GitHub domain allowlist for update service
- HIGH: Protected CrowdSec hub URLs with domain allowlist
- MEDIUM: Validated CrowdSec LAPI URLs (localhost-only)
Implementation:
- Created /backend/internal/security/url_validator.go (90.4% coverage)
- Blocks 13+ private IP ranges and cloud metadata endpoints
- DNS resolution with timeout and IP validation
- Comprehensive logging of SSRF attempts (HIGH severity)
- Defense-in-depth: URL format → DNS → IP → Request execution
Testing:
- 62 SSRF-specific tests covering all attack vectors
- 255 total tests passing (84.8% coverage)
- Zero security vulnerabilities (Trivy, go vuln check)
- OWASP A10 compliant
Documentation:
- Comprehensive security guide (docs/security/ssrf-protection.md)
- Manual test plan (30 test cases)
- Updated API docs, README, SECURITY.md, CHANGELOG
Security Impact:
- Pre-fix: CVSS 8.6 (HIGH) - Exploitable SSRF
- Post-fix: CVSS 0.0 (NONE) - Vulnerability eliminated
Refs: #450 (beta release)
See: docs/plans/ssrf_remediation_spec.md for full specification
2025-12-23 15:09:22 +00:00
..
2025-12-12 23:51:05 +00:00
2025-12-11 18:26:24 +00:00
2025-12-22 22:28:46 +00:00
2025-12-11 18:26:24 +00:00
2025-12-11 18:26:24 +00:00
2025-12-23 15:09:22 +00:00
2025-12-23 06:03:07 +00:00
2025-12-11 18:26:24 +00:00
2025-12-12 19:21:44 +00:00
2025-12-16 21:21:39 +00:00
2025-12-16 14:24:13 +00:00
2025-12-21 04:08:42 +00:00
2025-12-11 18:26:24 +00:00
2025-12-11 18:26:24 +00:00
2025-12-11 18:26:24 +00:00