Lucene search
K

5 matches found

EUVD
EUVD
added 2026/05/08 8:24 p.m.18 views

EUVD-2026-27339

Phoenix: Long-poll NDJSON body splitting causes large memory allocation...

8.7CVSS5.8AI score0.00469EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/06 8:21 p.m.13 views

CVE-2026-32689

Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix allows a denial of service via the long-poll transport's NDJSON body handling. In 'Elixir.Phoenix.Transports.LongPoll':publish/4, when a POST request is received with Content-Type: application/x-ndjson,...

8.7CVSS5.8AI score0.00469EPSS
Exploits0References1
NVD
NVD
added 2026/05/05 4:16 p.m.25 views

CVE-2026-32689

Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix allows a denial of service via the long-poll transport's NDJSON body handling. In 'Elixir.Phoenix.Transports.LongPoll':publish/4, when a POST request is received with Content-Type: application/x-ndjson,...

8.7CVSS0.00469EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/05 3:17 p.m.51 views

CVE-2026-32689 Long-poll NDJSON body splitting causes unbounded memory allocation in Phoenix

Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix allows a denial of service via the long-poll transport's NDJSON body handling. In 'Elixir.Phoenix.Transports.LongPoll':publish/4, when a POST request is received with Content-Type: application/x-ndjson,...

8.7CVSS0.00469EPSS
Exploits0References5
CVE
CVE
added 2026/05/05 3:17 p.m.16 views

CVE-2026-32689

CVE-2026-32689 affects Phoenix (Elixir) LongPoll transport: in Elixir.Phoenix.Transports.LongPoll publish/4, a POST with Content-Type: application/x-ndjson is split by newline without a limit, turning a small payload into enormous lists of empty binaries and a second large list via Enum.map, caus...

8.7CVSS5.8AI score0.00469EPSS
Exploits0References5
Rows per page
Query Builder