Affected versions of harp
are vulnerable to Unauthorized File Access. If a symlink in the project’s base directory points to a file outside of the directory, the file is served. This could allow an attacker to access sensitive files on the server.
Upgrade to version 0.40.3
or later