We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Vesta security is great.. But..
Vesta security is great.. But..
Just saw Rack911 results of free security audit of vesta and other control panels.
Very few vulnerabilities were found as most of the older ones are already patched.
The only thing they were mainly complaining was very slow or no response from the developers for fixing security issues that are found.
Complete report at :
https://www.rack911labs.com/research/se ... rol-panels
Very few vulnerabilities were found as most of the older ones are already patched.
The only thing they were mainly complaining was very slow or no response from the developers for fixing security issues that are found.
Complete report at :
https://www.rack911labs.com/research/se ... rol-panels
Re: Vesta security is great.. But..
For those interested..
All 3 security issues are already fixed by sergey(the main dev) if the post on let is authentic :
https://www.lowendtalk.com/discussion/c ... nt_3037936
All 3 security issues are already fixed by sergey(the main dev) if the post on let is authentic :
https://www.lowendtalk.com/discussion/c ... nt_3037936
The original quote:
"In fact, all three vulnerabilities are fixed on VestaCP - before 4 months - just nobody wanted to check it -
https://github.com/serghey-rodin/vesta/ ... d5f8dfc28d
Link for fixes is sent to Patrick - but Patrick expected from VestaCP devs to check fixes - but nobody did it at the end."