GHSA-258h-f687-4226
Suggest an improvement- Source
- https://github.com/advisories/GHSA-258h-f687-4226
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/07/GHSA-258h-f687-4226/GHSA-258h-f687-4226.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-258h-f687-4226
- Aliases
-
- CVE-2024-41951
- Published
- 2024-07-31T21:04:28Z
- Modified
- 2024-11-12T20:18:07.294257Z
- Severity
-
- 4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
- 5.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- PheonixAppAPI has visible Encoding Maps
- Details
-
Impact
This is a kind of moderate issue. The impact is not big for normal users but can be for users who want to secure their code/files/etc.
The issue is that the map of encoding/decoding languages are visible in code.
Patches
The Problem was patched in 0.2.5, so you should try to upgrade to the 0.2.5 version.
For 0.2.5 version users
Please run the post_install.py file inside the Scripts folder after downloading from pip.
Workarounds
There is a fix to this problem but it requires modifying the code. Modifying the code can lead to more issues.
References
There are currently no references to this problem.
NOTE: If you get a error regarding a function like -> getkey() or something like that, please re-run the file postinstall.py inside Scripts folder
- Database specific
{ "nvd_published_at": "2024-07-31T20:15:06Z", "cwe_ids": [ "CWE-323" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-07-31T21:04:28Z" }- References
Affected packages
PyPI / pheonixappapi
Package
- Name
- pheonixappapi
- View open source insights on deps.dev
- Purl
- pkg:pypi/pheonixappapi