Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Remote Code Execution in paginator(hex)
Vulnerability Description
There is a vulnerability in Paginator (Elixir/Hex package) which makes it susceptible to Remote Code Execution (RCE) attacks via input parameters to the paginate() function. This will potentially affect all current users of Paginator prior to version 1.0.0. The vulnerability has been patched in version 1.0.0 and all users should upgrade to this version immediately. Note that this patched version uses a dependency that requires an Elixir version >=1.5.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
Paginator Elixir/Hex 代码注入漏洞
Vulnerability Description
Paginator Elixir/Hex是一个应用软件。一个分页器。 Paginator(Elixir/Hex包)中存在代码注入漏洞,攻击者通过注入paginate()函数的输入参数进而执行远程代码。
CVSS Information
N/A
Vulnerability Type
N/A