Skip to content

Releases: AikidoSec/firewall-node

1.5.67

17 Sep 14:30
@hansott hansott
1.5.67
5379603
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.67
  • Report node.js version to Aikido
  • Add support for Express.js v5
  • Discover schema of API routes (behind feature flag)
  • Rename Firewall to Zen by Aikido (Learn more)
  • Extend list of dangerous shell commands
  • Fix SSRF bypass using IPv6 hostname
  • Add port in metadata for SSRF attacks
Assets 2
Loading

1.5.66

04 Sep 13:46
@willem-delbare willem-delbare
1.5.66
f894238
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.66

What's Changed

  • Fix various edge cases and extend test coverage
Assets 2
Loading

1.5.65

28 Aug 09:13
@hansott hansott
1.5.65
6747555
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.65
  • Temporarily disabled SSRF redirect protection for stability
Assets 2
Loading

1.5.64

22 Aug 17:19
@hansott hansott
1.5.64
205e74a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.64
  • Fix accuracy issue during wildcard rate limiting
Assets 2
Loading

1.5.63

22 Aug 14:46
@hansott hansott
1.5.63
27f1d1b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.63
  • Improve fetch & undici SSRF protection against malicious redirects
  • Add support for better-sqlite3
  • Improve rate limiting algorithm
  • Protect needle for SSRF
  • Fix issue related to Sentry SDK v8
Assets 2
Loading

1.5.62

17 Aug 13:22
@hansott hansott
1.5.62
cca246e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.62
  • Improved shell injection detection
Assets 2
Loading

1.5.61

16 Aug 11:20
@hansott hansott
1.5.61
8835f4c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.61
  • Improve communication with Aikido dashboard (increased timeout)
  • Add support for HTTP/2 server
  • Prevent SSRF bypass through redirection
  • Ensure that direct invocations of shell are also inspected
Assets 2
Loading

1.5.60

12 Aug 08:39
@hansott hansott
1.5.60
9d98c58
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.60

What's Changed

  • Minor changes to handling of IP blocks
Assets 2
Loading

1.5.59

07 Aug 12:42
@hansott hansott
1.5.59
ef213f3
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.59

What's Changed

  • Improve Hono app benchmark
  • Add Next.js install instructions
  • Introduce IP allowlist feature for admin API routes
Assets 2
Loading

1.5.58

30 Jul 11:23
@hansott hansott
1.5.58
34034d1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.5.58

What's Changed

  • Solve SQLi false positive edge cases
Assets 2
Loading