CVE-2026-49762: Unbounded Internal Version Digits Parsing
Missing string length boundary checks before parsing digit strings. In the context of standard-library or low-level parsers, unbounded iteration or conversion of digit strings into integers can result in Uncontrolled Resource Consumption (DoS). Evaluate strings with `byte_size/1` prior to accumulation.
Provally CuratedPublic repositoryHighMedium confidenceVerifiedApache-2.0
Elixirβ
Elixirβgreprules fetch cve-2026-49762-unbounded-internal-version-digits-parsing --engine opengrepDescription
Missing string length boundary checks before parsing digit strings. In the context of standard-library or low-level parsers, unbounded iteration or conversion of digit strings into integers can result in Uncontrolled Resource Consumption (DoS). Evaluate strings with `byte_size/1` prior to accumulation.
Community feedback
0 signals from signed-in users.
- Useful
- 0
- False positive
- 0
- Metadata
- 0