Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/108953?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/108953?format=api", "vulnerability_id": "VCID-7ryv-jjw4-b7gh", "summary": "Arbitrary Code Execution in Cookie Serialization\nThe default serialization used by Plug session may result in code execution\n in certain situations. Keep in mind, however, the session cookie is signed\n and this attack can only be exploited if the attacker has access to your\n secret key as well as your signing/encryption salts. We recommend users to\n change their secret key base and salts if they suspect they have been leaked,\n regardless of this vulnerability.", "aliases": [ { "alias": "CVE-2017-1000053" }, { "alias": "GHSA-5v4m-c73v-c7gq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/145288?format=api", "purl": "pkg:hex/plug@1.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/145289?format=api", "purl": "pkg:hex/plug@1.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/145290?format=api", "purl": "pkg:hex/plug@1.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/145291?format=api", "purl": "pkg:hex/plug@1.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.3.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/506733?format=api", "purl": "pkg:hex/plug@0.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/506734?format=api", "purl": "pkg:hex/plug@0.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/506735?format=api", "purl": "pkg:hex/plug@0.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/506736?format=api", "purl": "pkg:hex/plug@0.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/506737?format=api", "purl": "pkg:hex/plug@0.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506738?format=api", "purl": "pkg:hex/plug@0.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/506739?format=api", "purl": "pkg:hex/plug@0.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.5.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/506740?format=api", "purl": "pkg:hex/plug@0.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.5.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/506741?format=api", "purl": "pkg:hex/plug@0.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506742?format=api", "purl": "pkg:hex/plug@0.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506743?format=api", "purl": "pkg:hex/plug@0.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506744?format=api", "purl": "pkg:hex/plug@0.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/506745?format=api", "purl": "pkg:hex/plug@0.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/506746?format=api", "purl": "pkg:hex/plug@0.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/506747?format=api", "purl": "pkg:hex/plug@0.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.8.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/506748?format=api", "purl": "pkg:hex/plug@0.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506749?format=api", "purl": "pkg:hex/plug@0.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506750?format=api", "purl": "pkg:hex/plug@0.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506751?format=api", "purl": "pkg:hex/plug@0.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/506752?format=api", "purl": "pkg:hex/plug@0.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.11.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/506753?format=api", "purl": "pkg:hex/plug@0.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.11.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/506754?format=api", "purl": "pkg:hex/plug@0.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506755?format=api", "purl": "pkg:hex/plug@0.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/506756?format=api", "purl": "pkg:hex/plug@0.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.12.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/506757?format=api", "purl": "pkg:hex/plug@0.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506758?format=api", "purl": "pkg:hex/plug@0.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/506759?format=api", "purl": "pkg:hex/plug@0.14.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@0.14.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506760?format=api", "purl": "pkg:hex/plug@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506761?format=api", "purl": "pkg:hex/plug@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/506762?format=api", "purl": "pkg:hex/plug@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/506763?format=api", "purl": "pkg:hex/plug@1.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/506764?format=api", "purl": "pkg:hex/plug@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506765?format=api", "purl": "pkg:hex/plug@1.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/506766?format=api", "purl": "pkg:hex/plug@1.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/506767?format=api", "purl": "pkg:hex/plug@1.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/506768?format=api", "purl": "pkg:hex/plug@1.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/506769?format=api", "purl": "pkg:hex/plug@1.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/506770?format=api", "purl": "pkg:hex/plug@1.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/506771?format=api", "purl": "pkg:hex/plug@1.2.0-rc.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.2.0-rc.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506772?format=api", "purl": "pkg:hex/plug@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506773?format=api", "purl": "pkg:hex/plug@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/506774?format=api", "purl": "pkg:hex/plug@1.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/506775?format=api", "purl": "pkg:hex/plug@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/506776?format=api", "purl": "pkg:hex/plug@1.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7ryv-jjw4-b7gh" }, { "vulnerability": "VCID-dp5c-pz39-ckhp" }, { "vulnerability": "VCID-x7su-wxws-a3gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:hex/plug@1.3.1" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.78157", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.78131", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000053" }, { "reference_url": "https://elixirforum.com/t/security-releases-for-plug/3913", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://elixirforum.com/t/security-releases-for-plug/3913" }, { "reference_url": "https://elixirforum.com/t/static-and-session-security-fixes-for-plug/3913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://elixirforum.com/t/static-and-session-security-fixes-for-plug/3913" }, { "reference_url": "https://github.com/elixir-plug/plug", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/elixir-plug/plug" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000053", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000053" } ], "weaknesses": [ { "cwe_id": 502, "name": "Deserialization of Untrusted Data", "description": "The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ryv-jjw4-b7gh" }