CVE-2019-16764

Опубликовано: 25 нояб. 2019

Источник: nvd

CVSS3: 6.5

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

The use of String.to_atom/1 in PowAssent is susceptible to denial of service attacks. In PowAssent.Phoenix.AuthorizationController a value is fetched from the user provided params, and String.to_atom/1 is used to convert the binary value to an atom so it can be used to fetch the provider configuration value. This is unsafe as it is user provided data, and can be used to fill up the whole atom table of ~1M which will cause the app to crash.

Ссылки

http://erlang.org/doc/efficiency_guide/commoncaveats.html#list_to_atom-1
Product
https://github.com/pow-auth/pow_assent/commit/026105eeecc0e3c2f807e7109e745ea93c0fd9cf
Patch
https://github.com/pow-auth/pow_assent/security/advisories/GHSA-368c-xvrv-x986
Third Party Advisory
https://hex.pm/packages/pow_assent
Release Notes
http://erlang.org/doc/efficiency_guide/commoncaveats.html#list_to_atom-1
Product
https://github.com/pow-auth/pow_assent/commit/026105eeecc0e3c2f807e7109e745ea93c0fd9cf
Patch
https://github.com/pow-auth/pow_assent/security/advisories/GHSA-368c-xvrv-x986
Third Party Advisory
https://hex.pm/packages/pow_assent
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:powauth:powassent:*:*:*:*:*:*:*:*

Версия до 0.4.4 (исключая)

EPSS

Процентиль: 63%

0.00441

Низкий

6.5 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-400

NVD-CWE-noinfo

Связанные уязвимости

GHSA-5653-437f-5hmc

CVSS3: 6.5

github

почти 4 года назад

Denial of service

EPSS

Процентиль: 63%

0.00441

Низкий

6.5 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-400

NVD-CWE-noinfo