Dify v1.4.2 Advisory: Tenant Isolation and Credential Security Fixes

Vulnerability Overview In version v1.4.2, the langgenius/dify project underwent security hardening, primarily addressing security issues related to tenant isolation and file preview text extraction. Specific vulnerabilities include: 1. Tenant Isolation Issue: In the app trace-config endpoint and FilePreview text extraction, tenant isolation was insufficiently strict, potentially leading to data leakage. 2. Tool Credential Security Issue: Default built-in tool credentials were updated to workspace administrators and owners, and expired tenant tool credentials were cleaned up. Impact Scope Tenant Isolation Issue: Affects all users utilizing the app trace-config endpoint and FilePreview text extraction functionality. Tool Credential Security Issue: Affects all users using default built-in tool credentials. Remediation Plan 1. Tenant Isolation Issue: - Strengthen tenant isolation to ensure that data from different tenants does not interfere with each other in the app trace-config endpoint and FilePreview text extraction. - Related fixes were completed by @xr843 in #35793 and #35797. 2. Tool Credential Security Issue: - Restrict updates to default built-in tool credentials, allowing only workspace administrators and owners to perform updates. - Clean up expired tenant tool credentials to ensure credential security. - Related fixes were completed by @NeatGuyCoding and @xr843 in #36264 and #35843. Additional Security Measures Workflow Execution Reliability: Restored tracing after HITL workflow recovery, improved workflow callback tracking, reduced database polling for message updates, fixed memory acquisition issues beyond Flask context, and corrected base64 file session lookup accuracy. Workflow and Model Selection Polish: Fixed loading behavior when no model is selected, filtered parameters supported by model presets, and improved API extension dialog control. Knowledge Base Stability: Fixed knowledge test rendering, empty knowledge creation, recommended application category sorting, and empty handling issues. RAG and Document Processing: Allowed LLM nodes to access retrieved knowledge files, regenerated document summaries, fixed pipeline template rendering, and improved credential retrieval in RAG pipelines. Upgrade Guide Docker Compose Deployment: 1. Back up custom docker-compose YAML and env files. 2. Fetch the latest code. 3. Stop the services. 4. Back up data. 5. Check the new docker/envs/ env file layout and reapply local customizations. 6. Upgrade the services. Source Code Deployment**: 1. Stop the API server, Worker, and Web frontend server. 2. Fetch the latest code. 3. Update Python dependencies. 4. Run migration scripts. 5. Restart the API server, Worker, and Web frontend server. Summary Version v1.4.2 primarily addresses tenant isolation and tool credential security issues, while also enhancing workflow execution reliability, knowledge base stability, and RAG processing performance. Users are advised to upgrade to this version promptly to ensure system security and stability.

Goal Reached Thanks to every supporter — we hit 100%!

Dify v1.4.2 Advisory: Tenant Isolation and Credential Security Fixes

More from this source