this post was submitted on 23 Oct 2023
115 points (100.0% liked)

homeassistant

12025 readers
125 users here now

Home Assistant is open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts. Perfect to run on a Raspberry Pi or a local server. Available for free at home-assistant.io

founded 1 year ago
MODERATORS
GreatAlbatross@feddit.uk
115
Security audits of Home Assistant (www.home-assistant.io)
submitted 1 year ago by Undearius@lemmy.ca to c/homeassistant@lemmy.world
8 comments fedilink hide all child comments
 

All reported issues have been addressed as part of Home Assistant 2023.9, released on September 6, 2023

  • Cure53 found issues in Home Assistant, 3 of which were marked as “critical” severity
  • The GitHub Security Lab also audited Home Assistant and found six non-critical issues. Two of the issues overlapped with Cure53.
  • No authentication bypasses have been found
you are viewing a single comment's thread
view the rest of the comments
[–] peter@feddit.uk 1 points 1 year ago

It's easier to find something like XSS or auth bypass when you can read the code