Vendor
Plug Project
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- Plug2 CVEshex
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-1000053 | Hig | 0.53 | 8.1 | 0.02 | Jul 17, 2017 | Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to arbitrary code execution in the deserialization functions of Plug.Session. | ||
| CVE-2017-1000052 | Hig | 0.51 | 7.8 | 0.00 | Jul 17, 2017 | Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions. |
- risk 0.53cvss 8.1epss 0.02
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to arbitrary code execution in the deserialization functions of Plug.Session.
- risk 0.51cvss 7.8epss 0.00
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions.