Packages

grpc

1.0.0
1.0.0 1.0.0-rc.1 0.11.5 0.11.4 0.11.3 0.11.2 0.11.1 0.11.0 retired 0.10.2 0.10.1 0.10.0 0.9.0 0.8.1 0.8.0 retired 0.7.0 0.6.0 0.5.0 0.5.0-beta.1 0.5.0-beta 0.4.0-alpha.2 0.4.0-alpha.1 0.3.1 0.3.0-alpha.2 0.3.0-alpha.1 0.3.0-alpha

gRPC client implementation for Elixir

HexDocs HexPreview

Current section

4 Advisories

Jump to
Readme
25 Versions
4 Dependencies
68 Dependants
4 Advisories
Activity
EEF-CVE-2026-48853 CVE-2026-48853 GHSA-grp7-v8xh-rj7h

Remote code execution and denial of service via unsafe Erlang term deserialization in elixir-grpc/grpc

June 15, 2026
CVSS
?
9.2 / 10.0 Critical
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 0.4.0 and < 1.0.0
EEF-CVE-2026-53430 CVE-2026-53430 GHSA-6ccx-9c9f-327w

grpc gzip decompression bomb in GRPC.Compressor.Gzip.decompress/1

June 15, 2026
CVSS
?
8.7 / 10.0 High
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 0.4.0 and < 1.0.0
EEF-CVE-2026-48599 CVE-2026-48599 GHSA-mwr4-5g34-j5cq

Authorization bypass via path binding override in elixir-grpc/grpc HTTP transcoding

June 15, 2026
CVSS
?
7.6 / 10.0 High
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Versions

>= 0.8.0 and < 1.0.0
EEF-CVE-2026-48854 CVE-2026-48854 GHSA-q8gf-9rvj-gmgj

Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc

June 15, 2026
CVSS
?
8.7 / 10.0 High
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 0.3.1 and < 1.0.0

Checksum

Dependency Config

mix.exs

rebar.config

Gleam

erlang.mk

Package Details

Downloads Last 30 days, all versions
0 5K 10K 15K 20K

this version

21

yesterday

9 818

last 7 days

68 813

all time

6 123 509

Last Updated

Jun 15, 2026

License

Apache-2.0

Build Tools

mix

Publisher

polvalente polvalente

Links

Owners