hex_core

0.17.0

0.17.0 0.16.1 0.16.0 0.15.0 0.14.1 0.14.0 0.13.0 0.12.2 0.12.1 retired 0.12.0 0.11.0 0.10.3 0.10.2 0.10.1 0.10.0 0.9.0 0.8.4 0.8.3 0.8.2 0.8.1 0.8.0 0.7.1 0.7.0 0.6.10 0.6.9 0.6.8 0.6.7 0.6.6 0.6.5 0.6.4 0.6.3 0.6.2 0.6.1 0.6.0 0.5.1 0.5.0 0.4.0 0.3.0 retired 0.2.1 0.2.0 0.1.1 0.1.0

Reference implementation of Hex specifications

HexDocs HexPreview

Current section

2 Advisories

Jump to

Readme 42 Versions 0 Dependencies 12 Dependants 2 Advisories Activity

EEF-CVE-2026-21619 CVE-2026-21619 GHSA-hx9w-f2w9-9g96

Unsafe Deserialization of Erlang Terms in hex_core

February 27, 2026

CVSS

2.0 / 10.0 Low

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Versions

>= 0.1.0 and < 0.12.1 < 0.12.1

References

GHSA-q3cc-rr2c-87r6 CVE-2019-1000013

Hex authenticity of signed packages not validated

May 13, 2022

CVSS

8.8 / 10.0 High

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Versions

< 0.4.0

References

Checksum

Dependency Config

mix.exs

rebar.config

Gleam

erlang.mk

Package Details

Downloads Last 30 days, all versions

this version

823

yesterday

21 120

last 7 days

113 129

all time

49 565 633

Last Updated

May 19, 2026

License

Apache-2.0

Build Tools

rebar3

Publisher

ericmj

Operator	Description	Example
name:	Match package name. Supports * wildcards and repo/package form	name:phx* or name:hexpm/phoenix
description:	Full-text search of package descriptions	description:auth
depends:	Packages depending on a given package. Supports repo:package form	depends:ecto or depends:hexpm:ecto
build_tool:	Filter by build tool	build_tool:mix
updated_after:	Packages updated after an ISO8601 datetime	updated_after:2025-01-01T00:00:00Z
extra:	Match custom metadata (key,value). Nested keys are separated by commas	extra:license,MIT

hex_core

Checksum

Dependency Config

Package Details

Links

Owners

Search filters