VYPR

Hex (Elixir) package

wisp

pkg:hex/wisp

Vulnerabilities (2)

  • CVE-2026-32145HigApr 2, 2026
    affected < 2.2.2fixed 2.2.2

    Allocation of Resources Without Limits or Throttling vulnerability in gleam-wisp wisp allows a denial of service via multipart form body parsing. The multipart_body function bypasses configured max_body_size and max_files_size limits. When a multipart boundary is not present in

  • CVE-2026-28807HigMar 10, 2026
    affected >= 2.1.1, < 2.2.1fixed 2.2.1

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in gleam-wisp wisp allows arbitrary file read via percent-encoded path traversal. The wisp.serve_static function is vulnerable to path traversal because sanitization runs before percent-