CVE-2018-1000883

Elixir Plug Plug version All contains a Header Injection vulnerability in Connection that can result in Given a cookie value, Headers can be added. This attack appear to be exploitable via Crafting a value to be sent as a cookie. This vulnerability appears to have been fixed in >= 1.3.5 or ~> 1.2.5 or ~> 1.1.9 or ~> 1.0.6.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:plug_project:plug:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:plug_project:plug:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:plug_project:plug:*:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:plug_project:plug:*:*:*:*:*:*:*:*

Information

Published : 2018-12-20 13:29

Updated : 2019-02-13 17:58


NVD link : CVE-2018-1000883

Mitre link : CVE-2018-1000883


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

plug_project

  • plug