Backup_Repos/Radarr
1
0
Fork 0
mirror of https://github.com/Radarr/Radarr synced 2026-01-24 00:13:43 +01:00
Code Issues Projects Releases Wiki Activity
Radarr/src
History
admin 019f0862b3 fix(security): address P3 vulnerabilities and add mitigations 
Security fixes:
- XXE prevention: disable XmlResolver in UTorrentProxy.cs (#42)
- Path traversal: validate paths in LogFileController.cs (#44)
- Path traversal: validate paths in MediaCoverController.cs (#44)
- ReDoS mitigation: add 5s timeout to user regex patterns

Documentation:
- CORS: document security rationale in Startup.cs (#43)

Closes #42, #43, #44
Related: #59, #60, #61 (SonarCloud triage - GitHub alerts now at 0 open)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-19 12:12:54 -06:00
..
.idea/.idea.NzbDrone/.idea
Libraries
NzbDrone New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
NzbDrone.Api.Test New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
NzbDrone.Automation.Test New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
NzbDrone.Common fix: thread-safe SHA1 hashing in HashConverter 2025-12-19 10:29:44 -06:00
NzbDrone.Common.Test refactor: make methods static where instance data not used (S2325) 2025-12-18 16:02:13 -06:00
NzbDrone.Console New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
NzbDrone.Core fix(security): address P3 vulnerabilities and add mitigations 2025-12-19 12:12:54 -06:00
NzbDrone.Core.Test test: add IMDb list error message verification tests 2025-12-19 10:15:33 -06:00
NzbDrone.Host fix(security): address P3 vulnerabilities and add mitigations 2025-12-19 12:12:54 -06:00
NzbDrone.Host.Test New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
NzbDrone.Integration.Test Fix CancellationTokenSource resource leaks (BLOCKER severity) 2025-12-19 09:35:35 -06:00
NzbDrone.Libraries.Test New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
NzbDrone.Mono fix(security): sanitize user-controlled strings in log statements 2025-12-18 17:17:02 -06:00
NzbDrone.Mono.Test refactor: make methods static where instance data not used (S2325) 2025-12-18 16:02:13 -06:00
NzbDrone.SignalR New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
NzbDrone.Test.Common Bump Moq to 4.18.4 2025-09-28 21:57:01 -05:00
NzbDrone.Test.Dummy New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
NzbDrone.Update refactor: make methods static where instance data not used (S2325) 2025-12-18 16:02:13 -06:00
NzbDrone.Update.Test New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
NzbDrone.Windows refactor: make methods static where instance data not used (S2325) 2025-12-18 16:02:13 -06:00
NzbDrone.Windows.Test New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
Radarr.Api.V3 fix(security): address P3 vulnerabilities and add mitigations 2025-12-19 12:12:54 -06:00
Radarr.Http fix(security): sanitize user-controlled strings in log statements 2025-12-18 17:17:02 -06:00
ServiceHelpers New: Bump to .NET 8 2025-09-09 16:56:04 -05:00
Targets
.eslintrc.js
.globalconfig
coverlet.runsettings Bump coverlet.collector to official 6.0.4 2025-09-26 12:40:19 -05:00
Directory.Build.props Avoid rewriting file names in builds 2025-09-26 12:40:19 -05:00
Directory.Build.targets
NuGet.config Bump System.Data.SQLite to official 2.0.2 2025-09-28 21:57:01 -05:00
omnisharp.json
postgres.runsettings
Radarr.ico
Radarr.sln
Radarr.sln.DotSettings
stylecop.json