Package impact
Hex / cowlib
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-43970 | high | — | 8.0 | 23d ago | Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in ninenines cowlib allows unauthenticated remote denial of service via memory exhaustion. cow_spdy:inflate/2 in cowlib… | |||
| CVE-2026-7790 | high | 7.5 | 7.5 | 25d ago | Uncontrolled Resource Consumption vulnerability in ninenines cowlib (cow_http_te module) allows Excessive Allocation. The chunked transfer-encoding parser in cow_http_te accepts an unbounded number … | |||
| CVE-2026-43968 | medium | 4.0 | 4.0 | 25d ago | ninenines cowlib: Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability allows SSE event splitting and injection via unvalidated field values | |||
| CVE-2026-43969 | low | 3.2 | 3.2 | 25d ago | cowlib: Cookie Request Header Injection via Unvalidated Encoder in cow_cookie:cookie/1 |