Vapor FileMiddleware Security Vulnerability

We've just released Vapor 4.60.3 which contains a fix for a security vulnerability in Vapor's FileMiddleware. An attacker could crash a Vapor application by sending invalid Range headers under certain scenarios, leading to a Denial of Service attack. This has been designated as CVE-2022-31005.

→ blog.vapor.codes/posts/security-advisory-GHSA-vj2m-9f5j-mpr5/