Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/05/27 8:13 p.m.12 views

CVE-2026-8468

Allocation of Resources Without Limits or Throttling vulnerability in plugproject plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':readpartheaders/2 in lib/plug/conn.ex does not obey its :length parameter. There is no upper bound on t...

8.2CVSS6AI score0.0062EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-8466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of Resources Without Limits or Throttling vulnerability in ninenines cowboy allows denial of service via unbounded buffer accumulation in multipart...

8.2CVSS5.7AI score0.00382EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/20 3:35 p.m.32 views

Plug: Unbounded buffer accumulation in multipart header parsing causes denial of service

Summary An Allocation of Resources Without Limits or Throttling vulnerability in Plug.Conn.readpartheaders/2 allows an unauthenticated attacker to exhaust server memory by sending a crafted multipart/form-data request, causing a denial of service. Details Plug.Conn.readpartheaders/2 in...

8.2CVSS5.9AI score0.0062EPSS
Exploits0References11Affected Software1
EUVD
EUVD
added 2026/05/20 3:35 p.m.10 views

EUVD-2026-30266

Plug: Unbounded buffer accumulation in multipart header parsing causes denial of service...

8.2CVSS5.9AI score0.0062EPSS
Exploits0References10
NVD
NVD
added 2026/05/14 11:16 a.m.18 views

CVE-2026-8468

Allocation of Resources Without Limits or Throttling vulnerability in plugproject plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':readpartheaders/2 in lib/plug/conn.ex does not obey its :length parameter. There is no upper bound on t...

8.2CVSS0.0062EPSS
Exploits0References9
CVE
CVE
added 2026/05/14 10:29 a.m.20 views

CVE-2026-8468

Summary (facts from sources): CVE-2026-8468 describes an unbounded memory accumulation in multipart header parsing within Elixir Plug (plug_project) andCowboy-derived code. The root cause is in plug_multipart:parse_headers/2 (and read_part_headers/2 in lib/plug/conn.ex) which accumulates incoming...

8.2CVSS6AI score0.0062EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/05/14 10:29 a.m.46 views

CVE-2026-8468 Unbounded buffer accumulation in multipart header parsing causes denial of service in plug

Allocation of Resources Without Limits or Throttling vulnerability in plugproject plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':readpartheaders/2 in lib/plug/conn.ex does not obey its :length parameter. There is no upper bound on t...

8.2CVSS0.0062EPSS
Exploits0References9
OSV
OSV
added 2026/05/14 10:29 a.m.5 views

EEF-CVE-2026-8468 Unbounded buffer accumulation in multipart header parsing causes denial of service in plug

Summary Allocation of Resources Without Limits or Throttling vulnerability in plugproject plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':readpartheaders/2 in lib/plug/conn.ex does not obey its :length parameter. There is no upper...

8.2CVSS6AI score0.0062EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.13 views

PT-2026-40905

Name of the Vulnerable Software and Affected Versions plug versions 1.4.0 through 1.15.3 plug version 1.16.3 plug version 1.17.1 plug version 1.18.2 plug version 1.19.2 Description An unbounded buffer accumulation issue exists during multipart header parsing. The function read part headers/2 in...

8.2CVSS6AI score0.0062EPSS
Exploits0References16
OSV
OSV
added 2026/05/13 9:32 p.m.6 views

GHSA-JFC2-Q6QH-G5X8 Cowboy: Unbounded buffer accumulation in multipart header parsing causes denial of service in cowboy

Allocation of Resources Without Limits or Throttling vulnerability in ninenines cowboy allows denial of service via unbounded buffer accumulation in multipart header parsing. cowboyreq:readpart/3 in src/cowboyreq.erl accumulates incoming request bytes into a Buffer binary with no upper-bound chec...

8.2CVSS5.8AI score0.00382EPSS
Exploits0References5
CVE
CVE
added 2026/05/13 6:26 p.m.26 views

CVE-2026-8466

CVE-2026-8466 affects the Cowboy web server (ninenines) prior to 2.15.0. The issue is an unbounded memory growth vulnerability in multipart header parsing: cowboy_req:read_part/3 accumulates request bytes into a Buffer without an upper-bound check, and when cow_multipart:parse_headers/2 returns m...

8.2CVSS5.9AI score0.00382EPSS
Exploits0References3
OSV
OSV
added 2026/05/13 6:26 p.m.8 views

EEF-CVE-2026-8466 Unbounded buffer accumulation in multipart header parsing causes denial of service in cowboy

Summary Allocation of Resources Without Limits or Throttling vulnerability in ninenines cowboy allows denial of service via unbounded buffer accumulation in multipart header parsing. cowboyreq:readpart/3 in src/cowboyreq.erl accumulates incoming request bytes into a Buffer binary with no...

8.2CVSS5.9AI score0.00382EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/13 6:26 p.m.58 views

CVE-2026-8466 Unbounded buffer accumulation in multipart header parsing causes denial of service in cowboy

Allocation of Resources Without Limits or Throttling vulnerability in ninenines cowboy allows denial of service via unbounded buffer accumulation in multipart header parsing. cowboyreq:readpart/3 in src/cowboyreq.erl accumulates incoming request bytes into a Buffer binary with no upper-bound chec...

8.2CVSS0.00382EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.8 views

PT-2026-38278

Name of the Vulnerable Software and Affected Versions python-multipart versions prior to 0.0.27 Description A denial of service issue exists in the multipart part header parsing of the MultipartParser when processing multipart/form-data. The parser lacked limits on the number of part headers and...

7.5CVSS5.8AI score0.00549EPSS
Exploits0References186
OSV
OSV
added 2026/03/15 5:53 a.m.3 views

OESA-2026-1552 cpp-httplib security update

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ excepti...

7.5CVSS5.6AI score0.00602EPSS
Exploits3References4
Rows per page
Query Builder