Packages

gun

2.4.0
2.4.0 2.3.0 2.2.0 2.1.0 2.0.1 2.0.0 2.0.0-rc.2 2.0.0-rc.1 1.3.3 1.3.2 1.3.1 1.3.0 1.2.0 1.1.0 1.0.0 1.0.0-pre.4b retired 1.0.0-pre.5 1.0.0-pre.4 1.0.0-pre.2 1.0.0-pre.1

HTTP/1.1, HTTP/2 and Websocket client for Erlang/OTP.

HexDocs HexPreview

Current section

3 Advisories

Jump to
Readme
20 Versions
1 Dependency
83 Dependants
3 Advisories
Activity
EEF-CVE-2026-43973 CVE-2026-43973

gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion

June 08, 2026
CVSS
?
8.7 / 10.0 High
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 1.0.0 and < 2.4.0
EEF-CVE-2026-43972 CVE-2026-43972

gun HTTP/2 PUSH_PROMISE authority not validated against connection origin allows cross-origin cookie injection

June 08, 2026
CVSS
?
6.3 / 10.0 Medium
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

Affected Versions

>= 2.0.0 and < 2.4.0
EEF-CVE-2026-43974 CVE-2026-43974

gun HTTP/1.1 client accepts unsolicited 101 Switching Protocols response allowing server-driven protocol hijack and OOM

June 08, 2026
CVSS
?
8.7 / 10.0 High
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 2.0.0 and < 2.4.0

Checksum

Dependency Config

mix.exs

rebar.config

Gleam

erlang.mk

Package Details

Downloads Last 30 days, all versions
0 10K 20K 30K 40K

this version

0

yesterday

5 430

last 7 days

133 571

all time

13 117 885

Last Updated

Jun 08, 2026

License

ISC

Build Tools

make rebar3

Publisher

essen essen

Links

Owners