CVE-2025-24961

Name of the Vulnerable Software and Affected Versions: org.gaul S3Proxy versions prior to 2.6.0

Description: The issue affects users of the filesystem and filesystem-nio2 storage backends, potentially exposing local files to authenticated clients. This could lead to unauthorized access to sensitive information. There are no known workarounds for this issue.

Recommendations: For versions prior to 2.6.0, upgrade to version 2.6.0 to resolve the issue. As a temporary workaround, consider restricting access to the filesystem and filesystem-nio2 storage backends until the upgrade is applied.