71 matches found
EEF-CVE-2026-53423 Unauthenticated denial-of-service via BEAM atom table exhaustion in membrane_mp4_plugin
Summary Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membrane\mp4\plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser converts each 4-byte box name to an atom using String.to\atom/1 without validation...
CVE-2026-53423 Unauthenticated denial-of-service via BEAM atom table exhaustion in membrane_mp4_plugin
Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membranemp4plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser converts each 4-byte box name to an atom using String.toatom/1 without validation...
CVE-2026-53423 Unauthenticated denial-of-service via BEAM atom table exhaustion in membrane_mp4_plugin
Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membranemp4plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser converts each 4-byte box name to an atom using String.toatom/1 without validation...
CVE-2026-53423
CVE-2026-53423 affects membrane_mp4_plugin (Elixir/Membrane) from version 0.3.0 up to
MPEG-4 container plugin for Membrane Framework 安全漏洞
The MPEG-4 container plugin for Membrane Framework is an open-source plugin developed by Membrane Framework for parsing and multiplexing MP4 containers. Versions of the MPEG-4 container plugin for Membrane Framework from 0.3.0 to 0.36.7 contained security vulnerabilities. These vulnerabilities...
PT-2026-48648
Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membrane mp4 plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser converts each 4-byte box name to an atom using String.to atom/1 without validation...
Malicious code in polaris-juno-taphonomy-membrane (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57aadb0c6fc2fa048e9640b5186c58a3bf3c7e138f166b104d24916c8d7d6286 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177904
Malicious code in membrane-kuiperbelt-cluster-remark npm...
Malicious code in epimetheus-loglevel-membrane-solarnebula (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3882f96f6ba94008491b8b2d879161bdb319ae0eee595576b6f91e29c1b50df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in terser-webpack-plugin-delphinus-membrane-cryovolcano (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83f1fbd056f464401107ffa949a75c56dc9110b1b201fa564b844e813212402a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-179234
Malicious code in duplex-parcel-nodejs-membrane npm...
EUVD-2025-176570
Malicious code in sadr-membrane-slides-meteor npm...
Malicious code in ganymede-flare-aurora-membrane (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0243563bbd76210b34b5e68a36b4784afe93fd2191c332071ac47dab89494808 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176496
Malicious code in scorpius-elara-membrane-brane npm...
EUVD-2025-177905
Malicious code in membrane-genomics-passport-pulsar npm...
EUVD-2025-178781
Malicious code in ganymede-flare-aurora-membrane npm...
EUVD-2025-179040
Malicious code in eslint-plugin-eslint-sails-membrane npm...
EUVD-2025-179937
Malicious code in bunyan-cosmicray-membrane-terser npm...
EUVD-2025-178929
Malicious code in fermiparadox-graviton-brane-membrane npm...
EUVD-2025-176320
Malicious code in soap-membrane-thermosphere-eridanus npm...