Packages

absinthe

v1.10.2

GraphQL for Elixir

HexDocs HexPreview

Current section

2 Advisories

Jump to

Readme 121 Versions 5 Dependencies 102 Dependants Activity 2 Advisories

EEF-CVE-2026-42793 CVE-2026-42793 GHSA-qf4g-9fqq-mmm7

Atom table exhaustion via attacker-controlled GraphQL SDL names in absinthe

May 08, 2026

CVSS

8.2 / 10.0 High

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 1.5.0 and < 1.10.2

References

https://github.com/absinthe-graphql/absinthe/security/advisories/GHSA-qf4g-9fqq-mmm7
https://cna.erlef.org/cves/CVE-2026-42793.html
https://hex.pm/packages/absinthe

EEF-CVE-2026-43967 CVE-2026-43967 GHSA-9mhv-8h52-q7q2

Quadratic fragment-name uniqueness check causes denial of service in absinthe

May 08, 2026

CVSS

8.7 / 10.0 High

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 1.2.0 and < 1.10.2

References

https://github.com/absinthe-graphql/absinthe/security/advisories/GHSA-9mhv-8h52-q7q2
https://cna.erlef.org/cves/CVE-2026-43967.html
https://github.com/absinthe-graphql/absinthe/commit/223600c520493dcaf95080af552c413099f92c9d
https://hex.pm/packages/absinthe

Checksum

Dependency Config

mix.exs

rebar.config

Gleam

erlang.mk

Package Details

Downloads Last 30 days, all versions

this version

yesterday

11 163

last 7 days

60 717

all time

46 138 510

Last Updated

May 08, 2026

License

MIT

Build Tools

mix

Publisher

benwilson512

Owners

bruce
benwilson512
cschiewek
binaryseed

absinthe

Checksum

Dependency Config

Package Details

Links

Owners