3 matches found
CVE-2022-42975
socket/transport.ex in Phoenix before 1.6.14 mishandles checkorigin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token...
CVE-2022-42975
socket/transport.ex in Phoenix before 1.6.14 mishandles checkorigin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token...
CVE-2022-42975
Phoenix prior to 1.6.14 contains a vulnerability in socket/transport.ex where check_origin wildcarding is mishandled. LiveView applications are unaffected by default because of the LiveView CSRF token. Affected versions: Phoenix before 1.6.14. Remediation: upgrade to Phoenix 1.6.14 or later or re...