Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:phoenixframework:phoenix:1.0.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-42975 |
socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token. Published: October 17, 2022; 2:15:08 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2017-1000163 |
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks. Published: November 17, 2017; 4:29:00 PM -0500 |
V3.0: 6.1 MEDIUM V2.0: 5.8 MEDIUM |