VYPR

Hex (Elixir) package

plug_cowboy

pkg:hex/plug_cowboy

Vulnerabilities (1)

  • CVE-2026-32688HigApr 27, 2026
    affected >= 2.0.0, < 2.8.1fixed 2.8.1

    Allocation of Resources Without Limits or Throttling vulnerability in elixir-plug plug_cowboy allows unauthenticated remote denial of service via atom table exhaustion. Plug.Cowboy.Conn.conn/1 in lib/plug/cowboy/conn.ex calls String.to_atom/1 on the value returned by :cowboy_req