CVE-2017-1000052

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-1000052
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000052.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-1000052
Aliases
Published
2017-07-17T13:18:17Z
Modified
2024-05-29T23:53:01Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions.

References

Affected packages

Git / github.com/elixir-plug/plug

Affected ranges

Type
GIT
Repo
https://github.com/elixir-plug/plug
Events