CVE-2017-1000053
Elixir Plug prior to v1.0.4, v1.1.7, v1.2.3, and v1.3.2 is vulnerable to arbitrary code execution via deserialization in Plug.Session. The issue stems from the deserialization functions of Plug.Session, per CVE-2017-1000053. NVD notes a base score of 6.8 (MEDIUM) under CVSS2 and 8.1 (HIGH) under ...