Attackers can access data at arbitrary filesystem paths on the same host as an application using FileMiddleware
.
Version 4.29.4
Upgrade to 4.24.4 or later, or disable FileMiddleware
.
If you have any questions or comments about this advisory: * Open an issue * Email us at security@vapor.codes