plug is vulnerable to Cookie Attribute Injection
21
Low Risk
Plug.Conn.Cookies.encode/2 in the Elixir plug library builds the Set-Cookie response header by interpolating the cookie path, domain and same_site attributes directly into the header string without validating the ; character. Any Plug application that reflects attacker-controlled data into a cookie attribute lets an unauthenticated attacker inject additional cookie attributes through ;. Plug already handles and null bytes accordingly, so header injection is not possible.
You are affected if you are using a version that falls within the vulnerable range.
plug is vulnerable to Cookie Attribute Injection in versions 0.1.0 - 1.16.5, 1.17.0 - 1.17.3, 1.18.0 - 1.18.4, 1.19.0 - 1.19.4 and 1.20.0 - 1.20.2.
Upgrade the plug library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant