Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Null Byte Injection in Plug.Static

🗓️ 12 Apr 2022 21:20:20Reported by GitHub Advisory DatabaseType 
github
 github🔗 github.com👁 20 Views

Null Byte Injection in Plug.Static. File upload can bypass restrictions

Related
Detection
Refs
ReporterTitlePublishedViews
Family
CNVD		Elixir Plug Plug.Static Component Security Bypass Vulnerability
22 Sep 201700:00
cnvd
CVE		CVE-2017-1000052
13 Jul 201720:00
cve
Cvelist		CVE-2017-1000052
13 Jul 201720:00
cvelist
EUVD		EUVD-2022-1597
3 Oct 202520:07
euvd
NVD		CVE-2017-1000052
17 Jul 201713:18
nvd
OSV		GHSA-2Q6V-32MR-8P8X Null Byte Injection in Plug.Static
12 Apr 202221:20
osv
Prion		Sql injection
17 Jul 201713:18
prion
Vulners
Node
plug_projectplugRange1.3.01.3.2erlang
OR
plug_projectplugRange1.2.01.2.3erlang
OR
plug_projectplugRange1.1.01.1.7erlang
OR
plug_projectplugRange<1.0.4erlang

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
11 Jan 2023 05:06Current
2.7Low risk
Vulners AI Score2.7
CVSS 24.6
CVSS 3.17.8
EPSS0.00246
CWE-74
plug.staticfile uploadnull byte
20