PT-2022-20452 · Vapor · Vapor

0Xtim +1 · Published 2022-05-31 · Updated 2023-06-07 · CVE-2022-31005

CVSS v3.1

7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Vapor versions prior to 4.60.3

Description

Vapor is an HTTP web framework for Swift. Applications with FileMiddleware enabled are vulnerable to an integer overflow that can crash the application. The issue can be triggered by invalid Range headers.

Recommendations

For versions prior to 4.60.3, update to version 4.60.3 to resolve the issue. As a temporary workaround, consider disabling FileMiddleware and serving assets via a Content Delivery Network.

Exploit

Fix

Integer Overflow

Weakness Enumeration

Related Identifiers

CVE-2022-31005
GHSA-VJ2M-9F5J-MPR5

Affected Products

Vapor