CVE-2024-41951

July 31, 2024, 8:15 p.m.

4.4
Medium

Description

Pheonix App is a Python application designed to streamline various tasks, from managing files to playing mini-games. The issue is that the map of encoding/decoding languages are visible in code. The Problem was patched in 0.2.4.

Product(s) Impacted

Product Versions
Pheonix App
  • 0.2.4

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-323
Reusing a Nonce, Key Pair in Encryption
Nonces should be used for the present occasion and only once.

References

https://github.com/AkshuDev/PheonixAppAPI/security/advisories/GHSA-258h-f687-4226

Tags

security-advisories@github.com
2024-07-31
CVE-2024-41951
CWE-323

CVSS Score

4.4 / 10

CVSS Data

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: LOW
  • Integrity Impact: LOW
  • Availability Impact: NONE
    • View Vector String

    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Date

  • Published: July 31, 2024, 8:15 p.m.
  • Last Modified: July 31, 2024, 8:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security-advisories@github.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.