CVE-2017-1000163

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-1000163
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000163.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-1000163
Aliases
Published
2017-11-17T21:29:00Z
Modified
2024-09-03T01:34:35.019136Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks.

References

Affected packages

Git / github.com/phoenixframework/phoenix

Affected ranges

Type
GIT
Repo
https://github.com/phoenixframework/phoenix
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1254c66be4701239234cfe6abdf96e9a45cbcf9a
Last affected
170e29bc2c9bc7db1a646fd659ffa1acdef5b9fd
Last affected
178ce1a2344515e9145599970313fcc190d4b881
Last affected
33d7ffeccd4bbf84f8e11004e456d699e948009b
Last affected
4d608bfc4900593d3ac1b12d184f7cccaca27d06
Last affected
517ce30beb7b45c7d93e473b717cad70b9f04b54
Last affected
66217b1c1ff94e32a931c4a2aa31fac1010b5069
Last affected
9d999fb45f8b8257b0ea57cd6802400823dc9a86
Last affected
a284d38df5781f13f87bbd6d3fd53f72fedbe011
Last affected
ae24588fe47d9d5e7a986903611f127b48961132
Last affected
b9ebbc2b9241b59dcac5d9c6d66fa248efe68a9c
Last affected
bbb787e77e43941e93e281b0adcbafede809795e
Last affected
c43ccec558a21f37dac4d2cce0f7f504617a4eba
Last affected
c5177209d7bfd2d988a81c1cdcaa8589f57279ea
Last affected
f477067573530bfb3f705700d115638eb124778c

Affected versions

v0.*

v0.1.1
v0.10.0
v0.11.0
v0.12.0
v0.13.0
v0.13.1
v0.14.0
v0.15.0
v0.16.0
v0.16.1
v0.17.0
v0.17.1
v0.2.0
v0.2.1
v0.2.10
v0.2.11
v0.2.2
v0.2.3
v0.3.0
v0.3.1
v0.4.0
v0.4.1
v0.5.0
v0.6.0
v0.6.1
v0.6.2
v0.7.0
v0.7.1
v0.7.2
v0.8.0
v0.9.0

v1.*

v1.0.0
v1.0.1
v1.0.2