10 matches found
EUVD-2022-1629
Malicious code in bioql PyPI...
CVE-2019-16764
The use of String.to_atom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user-provided params, and String.to_atom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...
GHSA-5653-437F-5HMC Denial of service
The use of String.to_atom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user-provided params, and String.to_atom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...
Denial of service
The use of String.to_atom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user-provided params, and String.to_atom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...
PowAssent Input Validation Error Vulnerability
PowAssent is a multi-vendor supported version of the Pow authentication and user management library. An input validation error vulnerability exists in PowAssent. An attacker could exploit this vulnerability to cause a denial of service crash...
CVE-2019-16764
The use of String.to_atom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user-provided params, and String.to_atom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...
CVE-2019-16764
The use of String.to_atom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user-provided params, and String.to_atom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...
Code injection
The use of String.to_atom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user-provided params, and String.to_atom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...
CVE-2019-16764
Summary: CVE-2019-16764 concerns PowAssent (Elixir) where a value from user parameters is passed to String.to_atom/1 in PowAssent.Phoenix.AuthorizationController. This unsafe conversion can exhaust the atom table (≈1M atoms), causing a denial-of-service at runtime. The description is consistent ...
CVE-2019-16764 PowAssent is susceptible to denial of service attacks
The use of String.to_atom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user-provided params, and String.to_atom/1 is used to convert the binary value to an atom so it can be used to fetch the provider...