Vhyrro

**Name of the Vulnerable Software and Affected Versions** Luanox versions prior to 0.1.1 **Description** Luanox is a module host for Lua packages. A file traversal vulnerability can cause a denial of service by overwriting Phoenix runtime files. Package names, such as `../../package`, are not properly filtered during rockspec verification, allowing files to be stored at unintended relative path locations. This could potentially overwrite runtime files and cause the website to crash. **Recommendations** Update to version 0.1.1 or later.