All reported issues have been addressed as part of Home Assistant 2023.9, released on September 6, 2023

  • Cure53 found issues in Home Assistant, 3 of which were marked as “critical” severity
  • The GitHub Security Lab also audited Home Assistant and found six non-critical issues. Two of the issues overlapped with Cure53.
  • No authentication bypasses have been found
  • Big P
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    It’s easier to find something like XSS or auth bypass when you can read the code