High severity8.1NVD Advisory· Published Jul 17, 2017· Updated Jun 17, 2026
CVE-2017-1000053
CVE-2017-1000053
Description
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to arbitrary code execution in the deserialization functions of Plug.Session.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
plugHex | < 1.0.4 | 1.0.4 |
plugHex | >= 1.1.0, < 1.1.7 | 1.1.7 |
plugHex | >= 1.2.0, < 1.2.3 | 1.2.3 |
plugHex | >= 1.3.0, < 1.3.2 | 1.3.2 |
Affected products
2Patches
Vulnerability mechanics
References
3- elixirforum.com/t/security-releases-for-plug/3913nvdMitigationThird Party AdvisoryWEB
- github.com/advisories/GHSA-5v4m-c73v-c7gqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-1000053ghsaADVISORY
News mentions
0No linked articles in our index yet.