At HomeDock OS, your security is our top priority. If you discover any vulnerabilities or security issues, please report them directly to our security team at: π§ support@homedock.cloud
We deeply value the contributions of our community in making HomeDock OS a secure and reliable platform. Thank you for helping us improve!
-
β¦ Possible Self-DDoS by Enumerating Thousands of Files on Drop Zone- Internally Discovered β Fixed in v2.0.4.212
-
β¦ DNS Open Redirect in HTTP to HTTPS Redirector when SSL enabled- Internally Discovered β Fixed in v2.0.3.186
-
β¦ Open Redirect in HTTP to HTTPS Redirector when SSL enabled- Internally Discovered β Fixed in v2.0.3.184
-
β¦ MIME Type Validation Possible Bypass in Package Import- Internally Discovered β Fixed in v2.0.3.108
-
β¦ Path Traversal in Package Manager Export & Delete Operation- Internally Discovered β Fixed in v2.0.2.266
-
β¦ RegEx Injection in AppExplorer Search- Internally Discovered β Fixed in v2.0.1.102
-
β¦ Rate Limiting Bypass & IP Spoofing- Reported by @StringManolo β Fixed in v2.0.1.88
-
β¦ Authenticated SSRF via Host Header Manipulation- Reported at Secur0 by @cybernize β Fixed in v2.0.1.88
-
β¦ Path Traversal in Drop Zone File Operations- Reported at Secur0 by @esTse β Fixed in v2.0.1.88
-
β¦ Path Traversal & DoS via /dev/random in Drop Zone- Reported at Secur0 by @Ismael034 β Fixed in v2.0.1.88