CVE-2017-20166 Information

Description

Ecto 2.2.0 lacks a certain protection mechanism associated with the interaction between is_nil and raise.

Reference

https://github.com/elixir-ecto/ecto/pull/2125 https://github.com/advisories/GHSA-2xxx-fhc8-9qvq https://github.com/elixir-ecto/ecto/commit/db55b0cba6525c24ebddc88ef9ae0c1c00620250 https://groups.google.com/forum/#!topic/elixir-ecto/0m4NPfg_MMU