Safety vulnerability ID: 71967
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Fides is an open-source privacy engineering platform. The Fides webserver requires a connection to a hosted PostgreSQL database for persistent storage of application data. If the password used by the web server for this database connection includes special characters such as `@` and `$`, the webserver startup fails and the part of the password following the special character is exposed in web server error logs. This is caused by improper escaping of the SQLAlchemy password string. As a result, users are subject to partial exposure of hosted database passwords in web server logs.
Latest version: 2.51.1
Open-source ecosystem for data privacy as code.
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application