PT-2019-14820 · Pow · Powassent

Danschultzer · Published 2019-11-25 · Updated 2022-04-12 · CVE-2019-16764

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

PowAssent (affected versions not specified)

Description

The use of String.to_atom/1 in PowAssent is susceptible to denial-of-service attacks. In PowAssent.Phoenix.AuthorizationController, a value is fetched from the user-provided params and String.to_atom/1 is used to convert the binary value to an atom so it can be used to fetch the provider configuration value. This is unsafe because the data is user-provided: atoms are never garbage-collected, so an attacker can fill the whole atom table (~1M entries), which crashes the app.

Recommendations

As a temporary workaround, consider removing the use of String.to_atom/1 from PowAssent.Phoenix.AuthorizationController until a patch is available. Restrict access to PowAssent.Phoenix.AuthorizationController to minimize the risk of exploitation. Avoid converting user-provided binary values to atoms in the affected controller until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
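The following is an added example, not PowAssent's own code, showing the unsafe pattern the description refers to beside a hardened lookup. The module name, the provider keyword list and the `params` map are constructed for illustration; the only library calls are Elixir and Erlang standard functions.

```elixir
# Added example (not PowAssent's code). Constructed module and config that
# stand in for a Phoenix controller looking up a provider from request params.
defmodule ProviderLookupExample do
  # Constructed stand-in for the application's provider configuration.
  @providers [
    github: [client_id: "example-github-id"],
    google: [client_id: "example-google-id"]
  ]

  @doc """
  Vulnerable pattern: user-controlled input is converted straight into an atom.
  Every distinct string allocates a new atom that is never garbage-collected,
  so a stream of unique values grows the atom table until the VM crashes.
  """
  def provider_config_unsafe(params) do
    provider = String.to_atom(params["provider"])
    Keyword.get(@providers, provider)
  end

  @doc """
  Hardened lookup: compare the request string against the configured provider
  names rendered as strings. No atom is ever created from user input; the only
  atoms that exist are the ones already present in the configuration.
  """
  def provider_config_safe(params) do
    requested = params["provider"]

    case Enum.find(@providers, fn {name, _cfg} -> Atom.to_string(name) == requested end) do
      {name, cfg} -> {:ok, name, cfg}
      nil -> {:error, :unknown_provider}
    end
  end

  @doc """
  Defender's check: how many atoms a lookup function allocates for a batch of
  unique, unknown provider names. A safe implementation reports 0.
  """
  def atoms_created_by(fun, count) when is_function(fun, 1) do
    before = :erlang.system_info(:atom_count)

    Enum.each(1..count, fn i ->
      try do
        fun.(%{"provider" => "unknown-#{i}"})
      rescue
        _ -> :ok
      end
    end)

    :erlang.system_info(:atom_count) - before
  end
end

# Usage in iex (constructed inputs):
#   ProviderLookupExample.provider_config_safe(%{"provider" => "github"})
#   ProviderLookupExample.provider_config_safe(%{"provider" => "nope"})
#   ProviderLookupExample.atoms_created_by(&ProviderLookupExample.provider_config_safe/1, 100)
```

`String.to_existing_atom/1` is a weaker alternative: it does not allocate, but it raises on unknown input and accepts any atom already loaded in the VM rather than only the configured providers, so an explicit match against the configuration, as above, is the more precise check.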

Weakness Enumeration

Resource Exhaustion

Related Identifiers

CVE-2019-16764
GHSA-368C-XVRV-X986
GHSA-5653-437F-5HMC

Affected Products

Powassent