EUVD-2026-37014

Improper Handling of Highly Compressed Data Data Amplification vulnerability in elixir-grpc grpc GRPC.Compressor.Gzip, GRPC.Message modules allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.e...

Elixir 资源管理错误漏洞

Elixir is a functional programming language developed under open source, running on the BEAM virtual machine. Versions of Elixir from 1.5.0 to 1.20.1 contained a resource management vulnerability. This vulnerability stemmed from an uncontrolled resource consumption issue within the Version module...

EUVD-2012-0007

Malware in sbrugna...

CVE-2021-32851

Mind-elixir is a free, open source mind map core. Prior to version 0.18.1, mind-elixir is prone to cross-site scripting when handling untrusted menus. This issue is patched in version 0.18.1...

GHSA-VFCG-5GGC-3RXX Elixir can leak information due to weak use of crypto

Elixir prior to and including 0.7.1 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database. A patch has been attached to the initial advisory to mitigate this...

CVE-2012-2146

Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database...