PT-2024-29659 · Unknown · Pheonix App
Akshudev
·
Published
2024-07-31
·
Updated
2024-08-01
·
CVE-2024-41951
CVSS v4.0
5.3
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Pheonix App versions prior to 0.2.4
Pheonix App versions prior to 0.2.5
Description
The issue is related to the map of encoding/decoding languages being visible in the code, which can have a moderate impact, particularly for users who want to secure their code, files, etc.
Recommendations
For versions prior to 0.2.4, upgrade to version 0.2.4 or later to resolve the issue.
For versions prior to 0.2.5, upgrade to version 0.2.5 and run the post install.py file inside the Scripts folder after downloading from pip.
As a temporary workaround for versions that cannot be upgraded, consider modifying the code to hide the map of encoding/decoding languages, but be aware that this can lead to more issues.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pheonix App