Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:35 a.m.7 views

CVE-2019-16764

The use of String.toatom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user provided params, and String.toatom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...

6.5CVSS6.6AI score0.01082EPSS
Exploits0References1
OSV
OSV
added 2019/11/25 5:15 p.m.13 views

CVE-2019-16764

The use of String.toatom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user provided params, and String.toatom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...

5.5CVSS6.7AI score
Exploits0References4
Cvelist
Cvelist
added 2019/11/25 5:11 p.m.17 views

CVE-2019-16764 PowAssent is susceptible to denial of service attacks

The use of String.toatom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user provided params, and String.toatom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...

6.5CVSS6.3AI score0.01082EPSS
Exploits0References4
CVE
CVE
added 2019/11/25 5:11 p.m.52 views

CVE-2019-16764

Summary : CVE-2019-16764 concerns PowAssent (Elixir) where a value from user parameters is passed to String.to_atom/1 in PowAssent.Phoenix.AuthorizationController. This unsafe conversion can exhaust the atom table (≈1M atoms), causing a denial-of-service at runtime. The description is consistent ...

6.5CVSS5.5AI score0.01082EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder