Vulnerabilities > Powauth
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-18 | CVE-2023-42446 | Operation on a Resource after Expiration or Release vulnerability in Powauth POW Pow is a authentication and user management solution for Phoenix and Plug-based apps. | 6.5 |
| 2020-01-09 | CVE-2020-5205 | Session Fixation vulnerability in Powauth POW In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. | 5.4 |
| 2019-11-25 | CVE-2019-16764 | Unspecified vulnerability in Powauth Powassent The use of `String.to_atom/1` in PowAssent is susceptible to denial of service attacks. | 5.5 |