In this release we have deployed a user configurable server side mitigation for a security vulnerability that has been recently patched in Magento 2. For more information about the exploit in question see this article by Ambionics Security. Keep in mind that it is still important that you patch your shop as server side mitigations are only a first line of defense.

To inspect or alter the Nginx security rule see: