cowlib

2.17.1

2.17.1 2.17.0 2.16.1 2.16.0 2.15.0 2.14.0 2.13.0 2.12.1 2.12.0 2.11.0 2.10.1 2.10.0 2.9.1 2.9.0 2.8.0 2.7.3 2.7.2 retired 2.7.1 retired 2.7.0 2.6.0 2.5.1 2.5.0 2.4.0 2.3.0 2.2.1 2.2.0 2.1.0 2.0.1 2.0.0 1.3.0 1.2.0 1.1.0 1.0.2 1.0.1 1.0.0

Support library for manipulating Web protocols.

Security advisory: This version has known vulnerabilities. View advisories

HexPreview

Current section

5 Advisories

Jump to

Readme 35 Versions 0 Dependencies 35 Dependants 5 Advisories Activity

EEF-CVE-2026-43966 CVE-2026-43966

HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2

June 08, 2026

CVSS

6.3 / 10.0 Medium

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N

Affected Versions

>= 2.9.0

References

EEF-CVE-2026-43970 CVE-2026-43970 GHSA-84f2-rp86-235p

Decompression Bomb in cow_spdy:inflate/2 Allows Memory Exhaustion via Crafted SPDY Frame

May 13, 2026

CVSS

8.2 / 10.0 High

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 0.1.0 and < 2.16.1

References

EEF-CVE-2026-7790 CVE-2026-7790 GHSA-32p9-57cr-4x65

Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS

May 11, 2026

CVSS

8.7 / 10.0 High

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 0.6.0 and < 2.16.1

References

EEF-CVE-2026-43968 CVE-2026-43968 GHSA-hv23-4qp7-8c8r

CR Injection in SSE Encoder Enables Event Splitting via cow_sse:event/1

May 11, 2026

CVSS

6.3 / 10.0 Medium

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N

Affected Versions

>= 2.6.0 and < 2.16.1

References

EEF-CVE-2026-43969 CVE-2026-43969 GHSA-g2wm-735q-3f56

Cookie Request Header Injection via Unvalidated Encoder in cow_cookie:cookie/1

May 11, 2026

CVSS

2.1 / 10.0 Low

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N

Affected Versions

>= 2.9.0 >= 2.9.0 and <= 2.16.1

References

Checksum

Dependency Config

mix.exs

rebar.config

Gleam

erlang.mk

Package Details

Downloads Last 30 days, all versions

this version

120 916

yesterday

54 324

last 7 days

299 414

all time

100 628 718

Last Updated

Jun 11, 2026

License

ISC

Build Tools

make rebar3

Publisher

essen

Operator	Description	Example
name:	Match package name. Supports * wildcards and repo/package form	name:phx* or name:hexpm/phoenix
description:	Full-text search of package descriptions	description:auth
depends:	Packages depending on a given package. Supports repo:package form	depends:ecto or depends:hexpm:ecto
build_tool:	Filter by build tool	build_tool:mix
updated_after:	Packages updated after an ISO8601 datetime	updated_after:2025-01-01T00:00:00Z
extra:	Match custom metadata (key,value). Nested keys are separated by commas	extra:license,MIT

cowlib

Checksum

Dependency Config

Package Details

Links

Owners

Search filters