github langgenius/dify 0.15.5
v0.15.5
on GitHub

latest releases: 0.15.6-alpha.1, 1.1.3
2 days ago

🔒 Security Patch in v0.15.5

Hey everyone, this version bumps us up to v0.15.5, and it focuses on tightening security:

🔐 Important Fix

  • Sandbox Code Injection: Upgrade Dify Sandbox to avoid the code injection. We strongly recommend that all users currently using versions below 0.15.5 update to this version, or you can only update the sandbox.
  • XSS Vulnerability: Sanitize SVG to prevent XSS attacks by @iamjoel in #16608.

What this means: We've updated our SVG handling to ensure that potentially malicious scripts can't take advantage of your interaction with our SVG elements. This patch fortifies our platform against cross-site scripting vulnerabilities, making sure your application usage remains safe and secure.

Stay secure, and happy coding! 🚀

What's Changed

Full Changelog: 0.15.4...0.15.5

Check out latest releases or
releases around langgenius/dify 0.15.5

Don't miss a new dify release

NewReleases is sending notifications on new releases.

Get notifications