mint
Hex4 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting mintpage 1 of 1
- CVE-2026-48861LOWCVSS 2.1EG 2.1✓ Fixed in 1.9.02026-06-02
vulnerable: 0.1.0 ... 1.8.0 (23 versions)
Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encode_request_line/2 function splices the caller-s…
- CVE-2026-48862HIGHCVSS 8.2EG 8.2✓ Fixed in 1.9.02026-06-02
vulnerable: 0.2.0 ... 1.8.0 (22 versions)
Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSH_PROMISE flooding. In lib/mint/http2.ex, Mint.HTTP2.decode_push_pr…
- CVE-2026-49753MEDIUMCVSS 6.3EG 6.3✓ Fixed in 1.9.02026-06-02
vulnerable: 0.1.0 ... 1.8.0 (23 versions)
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in elixir-mint Mint allows attacker-controlled HTTP/1 servers to desynchronise response framing on shared connections. Mint's HTTP/1 Content-Le…
- CVE-2026-49754HIGHCVSS 8.2EG 8.2✓ Fixed in 1.9.02026-06-02
vulnerable: 0.1.0 ... 1.8.0 (23 versions)
Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client (HTTP/2 CONTINUATION flood). When Mint's HTTP/2 receive path observes a HE…
Check whether mint is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for mint CVEs against the assets you own.
Start Free Scan →