gun Security Advisories - Hex | Ecosyste.ms: Advisories

gun

HTTP/1.1, HTTP/2 and Websocket client for Erlang/OTP.

View on github.com · View on hex.pm

Security Advisories for gun in hex

High

3 days ago

gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion EEF-CVE-2026-43973

hex gun

Medium

3 days ago

gun HTTP/2 PUSH_PROMISE authority not validated against connection origin allows cross-origin cookie injection EEF-CVE-2026-43972

hex gun

High

3 days ago

gun HTTP/1.1 client accepts unsolicited 101 Switching Protocols response allowing server-driven protocol hijack and OOM EEF-CVE-2026-43974

hex gun

Filter by Severity

High 2 Medium 1