PT-2022-8026 · Ecto · Ecto

Tlux · Published 2022-04-12 · Updated 2025-04-09 · CVE-2017-20166

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Ecto version 2.2.0
Description: The issue is a missing protection mechanism in the interaction between the is_nil check and Ecto's raising on nil comparisons. Specifically, Ecto 2.2.0 does not raise on queries that contain a non-explicit nil comparison (a field compared against a value that turns out to be nil) unless the check is written explicitly with is_nil.
Recommendations: For Ecto version 2.2.0, add explicit nil checks using is_nil so that queries raise appropriately when they encounter nil values. As a temporary workaround, review and modify queries to include explicit nil comparisons to minimize potential issues.
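The following Elixir module is an added illustration of the recommendation above; it is not code from the advisory or from the Ecto project. It assumes a hypothetical "users" table with a reset_token column and takes the Ecto repo module as an argument (`repo`); the module and function names are also assumptions. It places the unchecked lookup beside a hardened version that refuses nil before the value ever reaches the query, and shows is_nil/1 being used where a null check is actually intended.

```elixir
# Added illustration (not from the advisory or from Ecto): keeping a nil value
# out of a query comparison. The "users" table, the reset_token column and the
# `repo` argument are all hypothetical.
defmodule TokenLookup do
  import Ecto.Query

  # Weak pattern: the pinned value is trusted to be non-nil. If `token` is nil,
  # the comparison `u.reset_token == ^nil` is handed to the adapter and, per the
  # advisory, Ecto 2.2.0 does not raise, so the caller gets no signal that the
  # lookup was malformed.
  def find_by_token_unchecked(repo, token) do
    from(u in "users", where: u.reset_token == ^token, select: u.id)
    |> repo.one()
  end

  # Hardened pattern: reject nil explicitly before building the query, and
  # accept only a binary token so a missing value fails loudly at the boundary
  # instead of silently reaching the database.
  def find_by_token(_repo, nil), do: {:error, :missing_token}

  def find_by_token(repo, token) when is_binary(token) do
    query = from(u in "users", where: u.reset_token == ^token, select: u.id)

    case repo.one(query) do
      nil -> {:error, :not_found}
      id -> {:ok, id}
    end
  end

  # When a null check is genuinely intended, state it with is_nil/1 rather than
  # comparing a field against a nil literal.
  def ids_without_token(repo) do
    repo.all(from(u in "users", where: is_nil(u.reset_token), select: u.id))
  end
end
```

The point of the guard clause is that a nil token is a caller bug or missing input, not a legitimate lookup key, so it is answered with an explicit error before any SQL is built; the is_nil/1 query is the only place a null comparison is meant to occur, and it is written so that intent is visible in the query itself.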

Weakness Enumeration

Improper Check for Exceptional Conditions

Related Identifiers

CVE-2017-20166
GHSA-2XXX-FHC8-9QVQ
GHSA-4R2F-6FM9-2QGH

Affected Products

Ecto