CVE-2026-21619

A flaw was found in the hexcore, hex, and rebar3 components. This vulnerability, stemming from uncontrolled resource consumption and deserialization of untrusted data, allows a remote attacker to perform object injection and excessive memory allocation. By sending specially crafted data, an...

CVE-2026-21619

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

CVE-2026-21619

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

DEBIAN-CVE-2026-21619

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

CVE-2026-21619 Unsafe Deserialization of Erlang Terms in hex_core

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

CVE-2026-21619

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

CVE-2026-21619 Unsafe Deserialization of Erlang Terms in hex_core

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

CVE-2026-21619

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

PT-2026-22367

Name of the Vulnerable Software and Affected Versions hex core versions 0.1.0 through 0.12.0 hex versions 2.3.0 through 2.3.1 rebar3 versions 3.9.1 through 3.26.9 Description An issue exists in hex core, hex, and rebar3 related to uncontrolled resource consumption and deserialization of untrusted...

EUVD-2020-6017

Malware in sbrugna...

EUVD-2019-1733

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-13802

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification. CVE-2020-13802 Note that Nessus...

SUSE CVE-2019-1000014

Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via Victim fetches packages from malicious/compromised mirro...

Rebar3 3.13.2 - Command Injection

Exploit Title: Rebar3 3.13.2 Command Injection Date: 2020-06-03 Exploit Author: Alexey Pronin Vendor Homepage: https://rebar3.org Software Link: https://github.com/erlang/rebar3 Versions affected: 3.0.0-beta.3 - 3.13.2 Tested on: Linux CVE: CVE-2020-13802 1. Description: ----------------------...

GLSA-202405-30 : Rebar3: Command Injection

The remote host is affected by the vulnerability described in GLSA-202405-30 Rebar3: Command Injection - Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification. CVE-2020-13802 Note that Nessus has not tested for this issue but h...

Mageia: Security Advisory (MGASA-2020-0470)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated erlang-rebar3 package fixes security vulnerability

Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification CVE-2020-13802...

MGASA-2020-0470 Updated erlang-rebar3 package fixes security vulnerability

Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification CVE-2020-13802...

Rebar3 Command Injection (CVE-2020-13802)

A command injection vulnerability exists in Rebar3. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVE-2020-13802

Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification...