CVE-2017-1000052
EUVD-2022-159717.07.2017, 13:18
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| plug_project | plug | 1.0.0 ≤ 𝑥 < 1.0.4 |
| plug_project | plug | 1.1.0 ≤ 𝑥 < 1.1.7 |
| plug_project | plug | 1.2.0 ≤ 𝑥 < 1.2.3 |
| plug_project | plug | 1.3.0 ≤ 𝑥 < 1.3.2 |
𝑥
= Vulnerable software versions