Packages

cowlib

2.16.1
2.16.1 2.16.0 2.15.0 2.14.0 2.13.0 2.12.1 2.12.0 2.11.0 2.10.1 2.10.0 2.9.1 2.9.0 2.8.0 2.7.3 2.7.2 retired 2.7.1 retired 2.7.0 2.6.0 2.5.1 2.5.0 2.4.0 2.3.0 2.2.1 2.2.0 2.1.0 2.0.1 2.0.0 1.3.0 1.2.0 1.1.0 1.0.2 1.0.1 1.0.0

Support library for manipulating Web protocols.

Security advisory: This version has known vulnerabilities. View advisories
HexPreview

Current section

4 Advisories

Jump to
Readme
33 Versions
0 Dependencies
36 Dependants
4 Advisories
Activity
EEF-CVE-2026-43970 CVE-2026-43970 GHSA-84f2-rp86-235p

Decompression Bomb in cow_spdy:inflate/2 Allows Memory Exhaustion via Crafted SPDY Frame

May 13, 2026
CVSS
?
8.2 / 10.0 High
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 0.1.0 and < 2.16.1
EEF-CVE-2026-7790 CVE-2026-7790 GHSA-32p9-57cr-4x65

Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS

May 11, 2026
CVSS
?
8.7 / 10.0 High
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 0.6.0 and < 2.16.1
EEF-CVE-2026-43968 CVE-2026-43968 GHSA-hv23-4qp7-8c8r

CR Injection in SSE Encoder Enables Event Splitting via cow_sse:event/1

May 11, 2026
CVSS
?
6.3 / 10.0 Medium
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N

Affected Versions

>= 2.6.0 and < 2.16.1
EEF-CVE-2026-43969 CVE-2026-43969 GHSA-g2wm-735q-3f56

Cookie Request Header Injection via Unvalidated Encoder in cow_cookie:cookie/1

May 11, 2026
CVSS
?
2.1 / 10.0 Low
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N

Affected Versions

>= 2.9.0 >= 2.9.0 and <= 2.16.1

Checksum

Dependency Config

mix.exs

rebar.config

Gleam

erlang.mk

Package Details

Downloads Last 30 days, all versions
0 20K 40K 60K 80K

this version

258 994

yesterday

12 576

last 7 days

279 127

all time

99 649 103

Last Updated

May 12, 2026

License

ISC

Build Tools

make rebar3

Publisher

essen essen

Links

Owners