Packages

req

0.6.1
0.6.1 0.6.0 0.5.18 0.5.17 0.5.16 0.5.15 0.5.14 0.5.13 0.5.12 0.5.11 0.5.10 0.5.9 0.5.8 0.5.7 0.5.6 0.5.5 0.5.4 0.5.3 0.5.2 0.5.1 0.5.0 0.4.14 0.4.13 0.4.12 0.4.11 0.4.10 0.4.9 0.4.8 0.4.7 0.4.6 0.4.5 0.4.4 0.4.3 0.4.2 0.4.1 0.4.0 0.3.12 0.3.11 0.3.10 0.3.9 0.3.8 0.3.7 0.3.6 0.3.5 0.3.4 0.3.3 0.3.2 0.3.1 0.3.0 0.2.2 0.2.1 0.2.0 0.1.2 0.1.1 0.1.0

Req is a batteries-included HTTP client for Elixir.

HexDocs HexPreview

Current section

2 Advisories

Jump to
Readme
55 Versions
7 Dependencies
761 Dependants
2 Advisories
Activity
EEF-CVE-2026-49755 CVE-2026-49755 GHSA-655f-mp8p-96gv

Decompression bomb DoS in Req via auto-decoded archive and compressed response bodies

June 08, 2026
CVSS
?
8.2 / 10.0 High
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Versions

>= 0.1.0 and < 0.6.1
EEF-CVE-2026-49756 CVE-2026-49756 GHSA-px9f-whj3-246m

Multipart form-data header injection in Req via unescaped name/filename/content_type

June 08, 2026
CVSS
?
2.1 / 10.0 Low
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

Affected Versions

>= 0.5.3 and < 0.6.0

Checksum

Dependency Config

mix.exs

rebar.config

Gleam

erlang.mk

Package Details

Downloads Last 30 days, all versions
0 10K 20K 30K 40K

this version

0

yesterday

13 490

last 7 days

197 947

all time

13 030 603

Last Updated

Jun 08, 2026

License

Apache-2.0

Build Tools

mix

Publisher

wojtekmach wojtekmach

Links

Owners