Packages
sobelow
0.6.0
0.14.1
0.14.0
0.13.0
0.12.2
0.12.1
0.12.0
0.11.1
0.11.0
0.10.6
0.10.5
0.10.4
0.10.3
0.10.2
0.10.1
0.10.0
0.9.3
0.9.2
0.9.1
0.9.0
0.8.0
0.7.8
0.7.7
0.7.6
0.7.5
0.7.4
0.7.3
0.7.2
0.7.1
0.7.0
0.6.9
0.6.8
0.6.7
0.6.6
0.6.5
0.6.4
0.6.3
0.6.2
0.6.1
0.6.0
0.5.4
0.5.3
0.5.2
0.5.1
0.5.0
0.4.9
0.4.8
0.4.7
0.4.6
0.4.5
0.4.4
0.4.3
0.4.2
0.4.1
0.4.0
0.3.12
0.3.11
0.3.10
0.3.9
0.3.8
0.3.7
0.3.6
0.3.5
0.3.4
0.3.3
0.3.2
0.3.1
0.3.0
0.2.8
0.2.7
0.2.6
0.2.5
0.2.4
0.2.3
Security-focused static analysis for Elixir & the Phoenix framework
Current section
Files
Jump to
Current section
Files
lib/sobelow/vuln/coherence.ex
defmodule Sobelow.Vuln.Coherence do
alias Sobelow.Utils
alias Sobelow.Vuln
use Sobelow.Finding
@vuln_vsn ["<=0.5.1"]
def run(root) do
plug_conf = root <> "/deps/coherence/mix.exs"
if File.exists?(plug_conf) do
vsn = Utils.get_version(plug_conf)
case Version.parse(vsn) do
{:ok, vsn} ->
if Enum.any?(@vuln_vsn, fn v -> Version.match?(vsn, v) end) do
Vuln.print_finding(vsn, "Coherence",
"Permissive parameters and privilege escalation",
"TBA - https://github.com/smpallen99/coherence/issues/270")
end
_ -> nil
end
end
end
def details() do
Sobelow.Vuln.details()
end
end