Information exposure through an exception

commandblock123 / handwriting-synthesis

💻Handwriting Synthesis API: Dockerized Implementation of RNN-based Handwriting Generation

0 stars 1 forks source link

Information exposure through an exception #4

Closed commandblock123 closed 4 months ago

commandblock123 commented 4 months ago

Tracking issue for:

[ ] https://github.com/commandblock123/handwriting-synthesis/security/code-scanning/1

commandblock123 commented 4 months ago

https://github.com/commandblock123/handwriting-synthesis/blob/485f6d331b50c6b2d8abcfc9ca013f6e47b3a96b/api.py#L27-L33

There is a potential security vulnerability in api.py on line 30. In the event of an error, the full exception message, including the stack trace, is being returned to the user. This could potentially expose sensitive information about the application's internal workings.

commandblock123 commented 4 months ago

de4ad7be34cb58048da07cd7030b000c9293aab6