Security Release
- Fixed an issue where the outgoing proxy could be accessed from outside the server in host-network Docker deployments (
network_mode: host), potentially allowing external parties to relay requests. - The proxy now only accepts connections from the local server, preventing accidental exposure while keeping internal functionality intact.
- Users should update to PLANKA
>= 2.0.3to be protected. - More details and credits: Security Advisory
- Reported by Luke via responsible disclosure.
What's Changed
- fix(proxy): Prevent external access to outgoing proxy in host-network mode
Full Changelog: v2.0.2...v2.0.3