VYPR

Hex Core

by Bpsoft

Source repositories

CVEs (2)

  • CVE-2026-21619HigFeb 27, 2026
    risk 0.42cvss 7.5epss 0.01

    Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with…

  • CVE-2019-1000013Feb 4, 2019
    risk 0.00cvss epss 0.01

    Hex package manager hex_core version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from…