← back
CVE-2017-20166

CVE-2017-20166

CVSS 9.8 CRITICALEPSS 1.3%CWE-754
Ecto 2.2.0 lacks a certain protection mechanism associated with the interaction between is_nil and raise.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/advisories/GHSA-2xxx-fhc8-9qvqhttps://github.com/elixir-ecto/ecto/commit/db55b0cba6525c24ebddc88ef9ae0c1c00620250https://github.com/elixir-ecto/ecto/pull/2125https://groups.google.com/forum/#%21topic/elixir-ecto/0m4NPfg_MMU