dify - 💡(How to fix) Fix HIGH: Code execution sandbox has network enabled by default + default API key



CWE-250: Code Execution Sandbox Network Enabled by Default

Severity: HIGH (CVSS 7.5)

Location

  • docker/docker-compose.yaml and pi/.env.example:

    SANDBOX_ENABLE_NETWORK with default: true
    CODE_EXECUTION_API_KEY=dify-sandbox

Description

The Dify Sandbox executes user-authored Python code in workflows with:

  1. Network access enabled by default
  2. Default API key that is publicly documented

Impact

User-authored code running in the sandbox can make outbound HTTP requests and potentially reach internal services. If an attacker knows the default sandbox API key, they can execute arbitrary code.

Remediation

  1. Default SANDBOX_ENABLE_NETWORK to false
  2. Require a strong unique SANDBOX_API_KEY
  3. Isolate sandbox network from API services
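Added example, not code from the Dify project: a small POSIX shell audit that checks an env-style file (KEY=VALUE lines, as in .env.example) for the two weak defaults the report names, and emits a hardened copy that applies remediation steps 1 and 2. It assumes the variable names SANDBOX_ENABLE_NETWORK and CODE_EXECUTION_API_KEY from the report; the key generator uses /dev/urandom and od so it has no openssl dependency. Step 3 (network isolation) is a compose-level change and is not covered here.

```shell
#!/bin/sh
# Added example (not Dify's own code): audit an env-style file for the two weak
# sandbox defaults from the report and produce a hardened copy.
# Assumption: the file uses plain KEY=VALUE lines as in .env.example.

# check_sandbox_env FILE
# Prints one FINDING line per weak setting and returns the number of findings
# (0 = clean), so the exit status can gate a CI job.
check_sandbox_env() {
    file="$1"
    findings=0
    # Weak default 1: user-authored code may open outbound connections.
    if grep -Eq '^[[:space:]]*SANDBOX_ENABLE_NETWORK[[:space:]]*=[[:space:]]*true[[:space:]]*$' "$file"; then
        echo "FINDING: SANDBOX_ENABLE_NETWORK=true in $file (sandbox code can reach the network)"
        findings=$((findings + 1))
    fi
    # Weak default 2: the publicly documented sandbox API key is still in use.
    if grep -Eq '^[[:space:]]*CODE_EXECUTION_API_KEY[[:space:]]*=[[:space:]]*dify-sandbox[[:space:]]*$' "$file"; then
        echo "FINDING: CODE_EXECUTION_API_KEY is the documented default in $file"
        findings=$((findings + 1))
    fi
    # Remediation step 2 requires a strong, unique key to be set, so an unset or
    # empty key is reported as well.
    if ! grep -Eq '^[[:space:]]*CODE_EXECUTION_API_KEY[[:space:]]*=[[:space:]]*[^[:space:]]+' "$file"; then
        echo "FINDING: CODE_EXECUTION_API_KEY is not set in $file"
        findings=$((findings + 1))
    fi
    return $findings
}

# new_sandbox_key
# 32 random bytes as 64 hex characters; od is POSIX, so no openssl is needed.
new_sandbox_key() {
    head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# harden_sandbox_env FILE NEW_KEY
# Writes a corrected copy to stdout: network disabled, NEW_KEY in place.
# Lines that are missing from the input are appended rather than silently skipped.
harden_sandbox_env() {
    sed -e 's/^\([[:space:]]*SANDBOX_ENABLE_NETWORK[[:space:]]*=\).*/\1false/' \
        -e "s/^\([[:space:]]*CODE_EXECUTION_API_KEY[[:space:]]*=\).*/\1$2/" "$1"
    grep -Eq '^[[:space:]]*SANDBOX_ENABLE_NETWORK[[:space:]]*=' "$1" || echo "SANDBOX_ENABLE_NETWORK=false"
    grep -Eq '^[[:space:]]*CODE_EXECUTION_API_KEY[[:space:]]*=' "$1" || echo "CODE_EXECUTION_API_KEY=$2"
}

# Demo on a constructed sample that mirrors the report's weak defaults.
sample=$(mktemp)
printf 'SANDBOX_ENABLE_NETWORK=true\nCODE_EXECUTION_API_KEY=dify-sandbox\n' > "$sample"
check_sandbox_env "$sample" || echo "$? weak setting(s) found; hardened copy:"
harden_sandbox_env "$sample" "$(new_sandbox_key)"
rm -f "$sample"
```

Run it against the real docker/.env file before bringing the stack up; a non-zero exit from check_sandbox_env means one of the report's defaults is still in effect. The hardened output is written to stdout rather than in place so the change can be reviewed before it is committed.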
