Releases: AikidoSec/firewall-node
Releases · AikidoSec/firewall-node
1.5.67
- Report node.js version to Aikido
- Add support for Express.js v5
- Discover schema of API routes (behind feature flag)
- Rename Firewall to Zen by Aikido (Learn more)
- Extend list of dangerous shell commands
- Fix SSRF bypass using IPv6 hostname
- Add port in metadata for SSRF attacks
1.5.66
What's Changed
- Fix various edge cases and extend test coverage
1.5.65
- Temporarily disabled SSRF redirect protection for stability
1.5.64
- Fix accuracy issue during wildcard rate limiting
1.5.63
- Improve fetch &
undici
SSRF protection against malicious redirects
- Add support for
better-sqlite3
- Improve rate limiting algorithm
- Protect
needle
for SSRF
- Fix issue related to Sentry SDK v8
1.5.62
- Improved shell injection detection
1.5.61
- Improve communication with Aikido dashboard (increased timeout)
- Add support for HTTP/2 server
- Prevent SSRF bypass through redirection
- Ensure that direct invocations of shell are also inspected
1.5.60
What's Changed
- Minor changes to handling of IP blocks
1.5.59
What's Changed
- Improve Hono app benchmark
- Add Next.js install instructions
- Introduce IP allowlist feature for admin API routes
1.5.58
What's Changed
- Solve SQLi false positive edge cases