Skip to content

Destrayon/Connapse

v0.2.1 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 3mo MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 2 known CVEs

Topics

ai ai-agents blazor docker document-management .net
+13 more
embeddings generative-ai hybrid-search knowledge-management llm mcp-server model-context-protocol ollama pgvector retrieval-augmented-generation self-hosted semantic-search vector-db

Affected surfaces

auth

Summary

AI summary

Fixed code injection, PII exposure, and input sanitization vulnerabilities.

Full changelog

Fixed

  • Release workflow: correct binary name and NuGet key guard
  • CodeQL security alerts: log injection and PII exposure
  • Input sanitization for user-provided values

Security

  • SECURITY.md updated to reflect v0.2.0 auth implementation

Full Changelog: https://github.com/Destrayon/Connapse/compare/v0.2.0...v0.2.1

Security Fixes

  • Fixed log injection vulnerability detected by CodeQL.
  • Fixed PII exposure vulnerability detected by CodeQL.
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Destrayon/Connapse

Get notified when new releases ship.

Sign up free

About Destrayon/Connapse

Self-hosted knowledge backend for AI agents with hybrid vector + keyword search, container-isolated indexes, and 11 MCP tools. .NET, Docker-ready.

All releases →

Related context

Beta — feedback welcome: [email protected]