Lucene search
K

610 matches found

NVD
NVD
added 2026/06/02 4:16 p.m.11 views

CVE-2026-48862

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSHPROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decodepushpromiseheadersandaddresponse/5 inserts a :reservedremote entry...

8.2CVSS0.00384EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/02 2:15 p.m.39 views

CVE-2026-48862 Unbounded conn.streams growth in Mint HTTP/2 client via unenforced PUSH_PROMISE concurrency

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSHPROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decodepushpromiseheadersandaddresponse/5 inserts a :reservedremote entry...

8.2CVSS0.00384EPSS
Exploits0References4
OSV
OSV
added 2026/06/02 2:15 p.m.9 views

EEF-CVE-2026-48862 Unbounded conn.streams growth in Mint HTTP/2 client via unenforced PUSH_PROMISE concurrency

Summary Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSHPROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decodepushpromiseheadersandaddresponse/5 inserts a :reservedremote...

8.2CVSS5.9AI score0.00384EPSS
Exploits0References4
CVE
CVE
added 2026/06/02 2:15 p.m.19 views

CVE-2026-48862

Mint’s HTTP/2 client is vulnerable to unbounded growth of conn.streams due to PUSH_PROMISE handling. In Mint.HTTP2.decode_push_promise_headers_and_add_response/5, a :reserved_remote entry is created for every promised stream ID, and assert_valid_promised_stream_id/2 only checks that the ID is eve...

8.2CVSS5.8AI score0.00384EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/02 2:15 p.m.10 views

CVE-2026-48862

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSHPROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decodepushpromiseheadersandaddresponse/5 inserts a :reservedremote entry...

8.2CVSS5.8AI score0.00384EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/02 2:15 p.m.11 views

CVE-2026-48862 Unbounded conn.streams growth in Mint HTTP/2 client via unenforced PUSH_PROMISE concurrency

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSHPROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decodepushpromiseheadersandaddresponse/5 inserts a :reservedremote entry...

8.2CVSS5.8AI score0.00384EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/02 2:15 p.m.10 views

EUVD-2026-33939

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSHPROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decodepushpromiseheadersandaddresponse/5 inserts a :reservedremote entry...

8.2CVSS5.8AI score0.00384EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.11 views

PT-2026-45785

Summary Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSH PROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decode push promise headers and add response/5 inserts a :reserve...

8.2CVSS5.9AI score0.00384EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.15 views

Mint 安全漏洞

Mint is a functional underlying HTTP client library developed by Elixir Mint. Versions of Mint from 0.2.0 to 1.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the HTTP/2 server’s ability to insert unlimited entries through the PUSHPROMISE frame, which could lead to memo...

8.2CVSS5.4AI score0.00384EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/29 5:51 p.m.18 views

vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass

Summary A sandbox escape vulnerability in vm2 allows arbitrary code execution in the host process when untrusted code is executed with async support on runtimes exposing WebAssembly JSPI WebAssembly.promising / WebAssembly.Suspending. In the tested configuration, a JSPI-backed Promise can reach...

9.8CVSS6.4AI score0.00507EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/29 5:40 p.m.12 views

GHSA-76W7-J9CQ-RX2J vm2 is Vulnerable to Sandbox Breakout Through Promise Species

Summary VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. Details The localPromise constructor was changed to call this.thenundefined, eater to ensure a rejected promise i...

10CVSS6.5AI score0.0051EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/29 5:40 p.m.63 views

vm2 is Vulnerable to Sandbox Breakout Through Promise Species

Summary VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. Details The localPromise constructor was changed to call this.thenundefined, eater to ensure a rejected promise i...

10CVSS6.5AI score0.0051EPSS
Exploits0References5Affected Software1
Redos
Redos
added 2026/05/29 12:0 a.m.16 views

ROS-20260529-73-0010

The vulnerability of JavaScript script handlers in Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in the issue of writing beyond the buffer boundaries in memory during the processing of Promise objects. Exploiting this vulnerability allows a malicious actor to execute arbitra...

9.8CVSS6.3AI score0.08917EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.20 views

PT-2026-45032

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.4 Description A sandbox escape allows arbitrary code execution in the host process when untrusted code is executed with async support on runtimes exposing WebAssembly JSPI WebAssembly JavaScript Promise Integration,...

9.8CVSS6AI score0.00507EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/05/18 7:58 p.m.11 views

CVE-2026-44001

A flaw was found in vm2 before 3.11.0. Sandboxed code can crash the host Node.js process via a Promise constructor that triggers an unhandled rejection propagating to the host; the CVE-2026-22709 fix only sanitized .then/.catch callbacks, not the executor path. Fixed in 3.11.0...

8.6CVSS5.9AI score0.00448EPSS
Exploits1References4
Patchstack
Patchstack
added 2026/05/14 8:30 p.m.14 views

NPM: Svelte: SSR XSS via Insecure Promise Serialization in hydratable

NPM: Svelte: SSR XSS via Insecure Promise Serialization in hydratable vulnerability discovered by ? in WordPress Npm svelte versions = 5.46.0, = 5.55.6...

5.8AI score
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/14 8:30 p.m.4 views

GHSA-F3CJ-J4F6-WQ85 Svelte: SSR XSS via Insecure Promise Serialization in hydratable

Contents of hydratable promises were not properly stringified, potentially leading to an XSS exploit. You are vulnerable if all of the following is true: - you are using hydratable an experimental feature at the time of this report - you are passing attacker-controlled input such that a synchrono...

5.3CVSS5.8AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/14 8:30 p.m.42 views

Svelte: SSR XSS via Insecure Promise Serialization in hydratable

Contents of hydratable promises were not properly stringified, potentially leading to an XSS exploit. You are vulnerable if all of the following is true: - you are using hydratable an experimental feature at the time of this report - you are passing attacker-controlled input such that a synchrono...

5.8AI score
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/13 6:16 p.m.14 views

CVE-2026-44000

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox boundary violation in vm2 allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the value delivered to the...

7.2CVSS0.002EPSS
Exploits1References1
NVD
NVD
added 2026/05/13 6:16 p.m.20 views

CVE-2026-44001

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox escape vulnerability in vm2 v3.10.5 allows any sandboxed code to crash the host Node.js process via a single Promise constructor that triggers an unhandled rejection propagating to the host. The fix for CVE-2026-22709 v3.10....

8.6CVSS0.00448EPSS
Exploits1References4
Rows per page
Query Builder