coolify/app/Actions
Andras Bacsai fcd574e1eb fix(log-drain): prevent command injection by base64-encoding environment variables
Replace direct shell interpolation of environment values with base64 encoding
to prevent command injection attacks. Environment configuration is now built as
a single string, base64-encoded, then decoded to file atomically.

Also add regex validation to restrict environment field values to safe
characters (alphanumeric, underscore, hyphen, dot) at the application layer.

Fixes GHSA-3xm2-hqg8-4m2p
2026-03-10 22:22:51 +01:00
..
Application fix(restart): reset restart count when resource is manually stopped 2025-12-27 15:21:19 +01:00
CoolifyTask
Database Merge remote-tracking branch 'origin/next' into fix/configurable-proxy-timeout 2026-03-10 10:01:46 +01:00
Docker chore: prepare for PR 2026-03-10 18:34:37 +01:00
Fortify
Proxy
Server fix(log-drain): prevent command injection by base64-encoding environment variables 2026-03-10 22:22:51 +01:00
Service
Shared
Stripe fix(subscription): harden quantity updates and proxy trust behavior 2026-03-03 12:28:16 +01:00
User