📄️ Hardening authentik
While authentik is secure out of the box, you can take steps to further increase the security of an authentik instance. There is a consequential tradeoff between security and convenience: all of these hardening practices affect the user experience and should only be applied with that tradeoff in mind.
📄️ Security Policy
📄️ CVE-2024-47077
Reported by @quentinmit
📄️ CVE-2024-47070
Reported by @efpi-bot from LogicalTrust
📄️ CVE-2024-42490
Reported by @m2a2
📄️ CVE-2024-38371
Reported by Stefan Zwanenburg
📄️ CVE-2024-37905
Reported by @m2a2
📄️ CVE-2024-23647
Reported by @pieterphilippaerts
📄️ CVE-2024-21637
Reported by @lauritzh
📄️ CVE-2023-48228
Reported by @Sapd
📄️ GHSA-rjvp-29xq-f62w
Reported by @devSparkle
📄️ CVE-2023-39522
Reported by @markrassamni
📄️ CVE-2023-36456
Reported by @thijsa