4 matches found
CVE-2026-59694 Unbounded access list in mpp Tempo fee-payer inflates gas cost per payment
Improper Validation of Specified Quantity in Input in ZenHive mpp allows an unauthenticated remote client to inflate the fee-payer's gas cost per payment by a large multiplier, degrading the sponsor's operating margin. When the mpp Elixir library is configured as fee payer feepayer: true,...
CVE-2026-39806 HTTP/1 chunked decoder infinite loop on requests with trailer fields in bandit
Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in mtrudel bandit allows unauthenticated remote denial of service via worker process exhaustion. 'Elixir.Bandit.HTTP1.Socket':doreadchunkeddata!/5 in lib/bandit/http1/socket.ex terminates only when the last-chunk line 0\r\n is...
oidcc 安全漏洞
oidcc is an open source OpenId Connect client library in Erlang & Elixir by The Erlang Ecosystem Foundation. A security vulnerability exists in oidcc 3.0.0 and later, which stems from the presence of a Denial of Service DoS vulnerability...
CVE-2021-43568
The verify function in the Stark Bank Elixir ECDSA library ecdsa-elixir 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...