A vulnerability has been found in RESTBase v0.9.1 and earlier that allowed attackers to read arbitrary files on the host system by passing a specially crafted URL. This vulnerability has been fixed in [1].
All RESTBase users are strongly encouraged to upgrade to v0.9.2 immediately. Files readable by the RESTBase service user might have been accessed by third parties, so appropriate measures should be taken.
mediawiki-containers [2] users with automatic updates enabled have already been upgraded to v0.9.2.