hex
19,429 packages · hex.pm
Security Advisories in hex
Moderate
22 days ago
ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay
hex, pypi, rubygems, maven, go, packagist, npm
altcha, org.altcha:altcha, github.com/altcha-org/altcha-lib-go, altcha-org/altcha, altcha-lib
High
3 months ago
Ash has authorization bypass when bypass policy condition evaluates to true
hex
ash
High
3 months ago
Ash Framework: Filter authorization misapplies impossible bypass/runtime policies
hex
ash
High
4 months ago
Before action, Ash's hooks may execute in certain scenarios despite a request being forbidden
hex
ash
Low
7 months ago
ash_authentication_phoenix has Insufficient Session Expiration
hex
ash_authentication_phoenix
Moderate
9 months ago
ash_authentication has email link auto-click account confirmation vulnerability
hex
ash_authentication
Moderate
11 months ago
Ash Authentication has flawed token revocation checking logic in actions generated by `mix ash_authentication.install`
hex
ash_authentication
High
about 1 year ago
RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission
hex
rabbit_common
Moderate
about 1 year ago
In AshPostgres, empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability.
hex
ash_postgres
Moderate
almost 2 years ago
OpenID Connect client Atom Exhaustion in provider configuration worker ets table location
hex
oidcc
Moderate
almost 2 years ago
erlang-jose vulnerable to denial of service via large p2c value
hex
jose
High
over 2 years ago
Livebook Desktop's protocol handler can be exploited to execute arbitrary command on Windows
hex
livebook
Moderate
almost 3 years ago
phoenix_html allows Cross-site Scripting in HEEx class attributes
hex, npm
phoenix_html
Critical
over 3 years ago
ecdsa-elixir fails to check signatures, vulnerable to message forging
hex
ecdsa-elixir
High
over 3 years ago
Erlang Solutions MongooseIM vulnerable to denial of service (DoS) via crafted XMPP stream
hex
MongooseIM
Low
over 3 years ago
puppetlabs-rabbitmq allows local users to obtain sensitive information
hex
puppetlabs-rabbitmq
Filter by Severity
Filter by Package
ash
3
plug
3
phoenix
2
ecto
2
rabbit_common
2
phoenix_html
2
ash_authentication
2
hackney
2
pow
2
oidcc
1
altcha
1
github.com/altcha-org/altcha-lib-go
1
xain
1
coherence
1
org.altcha:altcha
1
ash_authentication_phoenix
1
MongooseIM
1
mtproto_proxy
1
sweet_xml
1
altcha
1
jose
1
livebook
1
Samly
1
ejabberd
1
pleroma
1
hex_core
1
pow_assent
1
ash_postgres
1
puppetlabs-rabbitmq
1
altcha-lib
1
ecdsa-elixir
1
alchemist.vim
1
altcha
1
RabbitMQ
1
phoenix_html
1
altcha-org/altcha
1
paginator
1
Filter by Repository
https://github.com/ash-project/ash
3
https://github.com/team-alembic/ash_authentication
2
https://github.com/benoitc/hackney
2
https://github.com/elixir-ecto/ecto
2
https://github.com/phoenixframework/phoenix_html
2
https://github.com/tonini/alchemist-server
1
https://github.com/ash-project/ash_postgres
1
https://github.com/danschultzer/pow
1
https://github.com/dropbox/samly
1
https://github.com/DrunkenShells/Disclosures
1
https://github.com/duffelhq/paginator
1
https://github.com/elixir-plug/plug
1
https://github.com/erlef/oidcc
1
https://github.com/esl/MongooseIM
1
https://github.com/hexpm/hex_core
1
https://github.com/kbrw/sweet_xml
1
https://github.com/kphrx/pleroma
1
https://github.com/livebook-dev/livebook
1
https://github.com/P3ngu1nW/CVE_Request
1
https://github.com/phoenixframework/phoenix
1
https://github.com/pow-auth/pow
1
https://github.com/pow-auth/pow_assent
1
https://github.com/processone/ejabberd
1
https://github.com/rabbitmq/rabbitmq-server
1
https://github.com/smpallen99/coherence
1
https://github.com/smpallen99/xain
1
https://github.com/starkbank/ecdsa-elixir
1
https://github.com/team-alembic/ash_authentication_phoenix
1