Erugo

v0.2.15 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 4mo File Storage & Sync

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Summary

AI summary

Fixed critical path traversal vulnerabilities in upload and template controllers (GHSA-336w-hgpq-6369) that allowed authenticated users to write arbitrary files and achieve Remote Code Execution. Versions ≤0.2.14 affected.

Security Fixes

Path traversal in UploadsController, TusdHooksController, and EmailTemplatesController (GHSA-336w-hgpq-6369)

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Erugo

Get notified when new releases ship.

About Erugo

A powerful, self-hosted file-sharing platform built with PHP and Laravel with a Vue.js frontend. It offers secure, customizable file-transfer capabilities through an elegant user interface, giving you complete control over your data while providing a seamless experience for both senders and recipients.

All releases →

Related context

Related tools

Beta — feedback welcome: [email protected]