If your organization runs any public‑facing service powered by Julius 4.3–4.7, treat JUL‑448 as . 4. Mitigation & Remediation – Step‑by‑Step 4.1. Immediate “Kill‑Switch” If you cannot upgrade right now, apply the runtime configuration hardening :
; php.ini allow_url_include = Off ; <— disables remote includes allow_url_fopen = Off ; optional, blocks remote file reads disable_functions = exec,shell_exec,system,passthru,proc_open,pcntl_exec Restart the PHP-FPM/Apache service after editing. Add a strict whitelist around $templatePath : JUL-448
public function render(string $templatePath, array $data = []): string apply the runtime configuration hardening :