These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
A resource exhaustion vulnerability exists in the hackney HTTP client library for Erlang/Elixir, specifically affecting HTTP/3 response handling. The `hackney_h3:await_response_loop/6` function accumulates response body data in memory without enforcing a maximum size limit. The timeout mechanism resets on each received chunk or control frame rather than serving as a hard deadline, allowing a malicious ser [truncated]
A Server-Side Request Forgery (SSRF) vulnerability exists in the hackney HTTP client library for Erlang/Elixir. The root cause is an interpretation conflict between how hackney normalizes URLs versus how standard OTP functions parse them. Specifically, `hackney_url:normalize/2` URL-decodes the host component after parsing, while `uri_string:parse/1` and `inet:parse_address/1` do not decode percent-escapes in th [truncated]
A CRLF injection vulnerability in the Erlang HTTP client library hackney allows HTTP request splitting when attacker-controlled data is included in URL query parameters. The library fails to percent-encode carriage return (CR) and line feed (LF) characters in query strings before constructing HTTP/1.1 request targets, violating RFC 3986 Section 3.4. This enables injection of arbitrary HTTP headers or requ [truncated]
## Summary

CVE-2026-47073 is a HIGH severity (CVSS 8.7) resource exhaustion vulnerability in the hackney Erlang HTTP client, specifically affecting its WebSocket implementation. The vulnerability allows a malicious WebSocket server to cause denial-of-service through memory exhaustion via three distinct attack vectors: unbounded handshake response buffering, unbounded frame payload buffering, and unbounded [truncated]
CVE-2026-47072 documents a CRLF injection vulnerability in the hackney Erlang HTTP client, specifically within its WebSocket upgrade implementation. The flaw exists in versions 2.0.0 through 4.0.0, where user-controlled values for host, path, headers, and protocols are concatenated directly into raw HTTP/1.1 upgrade requests without sanitization of carriage return, line feed, or null characters. This allo [truncated]
A sensitive data exposure vulnerability exists in the hackney Erlang HTTP client library, specifically affecting HTTP/3 redirect handling. When `follow_redirect` is enabled, the HTTP/3 handler in `src/hackney_h3.erl` forwards original request headers—including Authorization and Cookie headers—to redirect targets without performing cross-origin validation. This allows credentials to be leaked to unintended thi [truncated]
A CRLF injection vulnerability exists in the hackney Erlang HTTP client library, specifically within the `hackney_cookie:setcookie/3` function. While the function validates cookie names and values against CRLF and control characters, it fails to apply equivalent sanitization to the `domain` and `path` options. An attacker who can influence these options—such as through a crafted Host header or request pat [truncated]
A resource exhaustion vulnerability in the Hackney HTTP client library for Erlang/Elixir allows remote attackers to crash the BEAM virtual machine by flooding it with unique URL scheme prefixes. The vulnerability stems from the use of `binary_to_atom/2` in the URL parser, which converts unrecognized schemes to permanent atoms that are never garbage-collected. With a default atom table limit of 1,048,576 e [truncated]
## Summary

CVE-2026-47066 is a high-severity infinite-loop vulnerability in the hackney Erlang HTTP client. The Alt-Svc response-header parser fails to make forward progress when it encounters certain non-token characters, causing the connection process to spin at 100% CPU and never return. A malicious or compromised HTTP server can trigger this by sending a single crafted byte in the Alt-Svc header.

## A [truncated]