25 matches found
CVE-2017-1000052
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions...
CVE-2017-1000052
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions...
Sql injection
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions...
CVE-2017-1000052
CVE-2017-1000052 affects Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2, where the Plug.Static component is vulnerable to a null byte injection that may allow bypassing filetype restrictions. The issue enables a local attacker to exploit the static file serving path, with impact described a...
CVE-2017-1000052
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions...