VYPR

pow_assent

by Pow Auth

hex: pow_assent

Source repositories

CVEs (1)

  • CVE-2019-16764Nov 25, 2019
    risk 0.00cvss epss 0.01

    The use of `String.to_atom/1` in PowAssent is susceptible to denial of service attacks. In `PowAssent.Phoenix.AuthorizationController` a value is fetched from the user provided params, and `String.to_atom/1` is used to convert the binary value to an atom so it can be used to…