VYPR

Cowboy

by Ninenines

Source repositories

CVEs (2)

  • CVE-2026-8466HigMay 13, 2026
    risk 0.46cvss epss 0.00

    Allocation of Resources Without Limits or Throttling vulnerability in ninenines cowboy allows denial of service via unbounded buffer accumulation in multipart header parsing. cowboy_req:read_part/3 in src/cowboy_req.erl accumulates incoming request bytes into a Buffer binary…

  • CVE-2026-43966MedJun 8, 2026
    risk 0.34cvss epss 0.00

    Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in ninenines cowlib allows HTTP response splitting via non-VCHAR bytes in structured-fields string values. cow_http_struct_hd:escape_string/2 in cowlib only escapes \ and…