Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/15 9:56 p.m.30 views

CVE-2026-48853 Remote code execution and denial of service via unsafe Erlang term deserialization in elixir-grpc/grpc

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code...

9.2CVSS0.00573EPSS
Exploits0References4
OSV
OSV
added 2026/03/01 1:25 a.m.2 views

GHSA-HX9W-F2W9-9G96 hex_core has Unsafe Deserialization of Erlang Terms

Impact The Hex client hexcore deserializes Erlang terms received from the Hex API using binarytoterm/1 without sufficient restrictions. If an attacker can control the HTTP response body returned by the Hex API, this allows denial-of-service attacks such as atom table exhaustion, leading to a VM...

2CVSS6.2AI score0.00576EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2026/03/01 1:25 a.m.4 views

hex_core has Unsafe Deserialization of Erlang Terms

Impact The Hex client hexcore deserializes Erlang terms received from the Hex API using binarytoterm/1 without sufficient restrictions. If an attacker can control the HTTP response body returned by the Hex API, this allows denial-of-service attacks such as atom table exhaustion, leading to a VM...

7.5CVSS6.2AI score0.00576EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/27 5:57 p.m.5 views

CVE-2026-21619 Unsafe Deserialization of Erlang Terms in hex_core

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

2CVSS5.9AI score0.00576EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/02/27 5:57 p.m.27 views

CVE-2026-21619 Unsafe Deserialization of Erlang Terms in hex_core

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

2CVSS0.00576EPSS
Exploits0References6
OSV
OSV
added 2026/02/27 5:57 p.m.4 views

EEF-CVE-2026-21619 Unsafe Deserialization of Erlang Terms in hex_core

Summary Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl...

2CVSS5.8AI score0.00576EPSS
Exploits0References6
Rows per page
Query Builder