Impact
Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to authenticated clients.
Patches
Upgrade to S3Proxy 2.6.0 which includes apache/jclouds@b0819e0 and 86b6ee4.
Workarounds
None
References
Privately reported by XBOW Team @xbow-security.
xbow-security Reporter
Impact
Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to authenticated clients.
Patches
Upgrade to S3Proxy 2.6.0 which includes apache/jclouds@b0819e0 and 86b6ee4.
Workarounds
None
References
Privately reported by XBOW Team @xbow-security.