Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 8 hours ago3 views

CVE-2026-58226

Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS6.1AI score
Exploits0References5Affected Software1
OSV
OSV
added 8 hours ago3 views

EEF-CVE-2026-58226 Unauthenticated denial-of-service via unbounded HPACK integer decoding in hpax

Summary Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on the decoded value or the number of continuation octets...

8.7CVSS6.1AI score
Exploits0References4
CVE
CVE
added 2026/06/09 2:4 p.m.46 views

CVE-2026-49762

The CVE affects Elixir’s standard library Version module (Version.parse/1, parse!/1, parse_requirement/1, match?/3, compare/2). A numeric component in version strings is converted to integers without bounds, enabling an attacker to cause CPU and memory exhaustion (DoS) by supplying a large all-di...

5.1CVSS5.5AI score0.00152EPSS
Exploits0References4
OSV
OSV
added 2026/06/09 2:4 p.m.7 views

EEF-CVE-2026-49762 Unbounded integer parsing in the Version module enables CPU and memory exhaustion denial of service

Summary Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory exhaustion. The version parser converts numeric version components major, minor, patch and...

5.1CVSS5.5AI score0.00152EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.9 views

Elixir -- Denial of service via unbounded integer parsing in Version

PJUllrich reports: The Version module parses numeric version components without length limits. Untrusted input can trigger creation of arbitrary-precision integers, causing CPU and memory exhaustion...

5.1CVSS5.4AI score0.00152EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.10 views

Elixir -- Denial of service via unbounded integer parsing in Version

PJUllrich reports: The Version module parses numeric version components without length limits. Untrusted input can trigger creation of arbitrary-precision integers, causing CPU and memory exhaustion...

5.1CVSS5.4AI score0.00152EPSS
Exploits0References1
Rows per page
Query Builder