Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

hackney

Ecosystem:
hex
Package URL:
pkg:hex/hackney
Total PRs:
187 Dependabot PRs
Latest PR:
7 days ago
Unique Repositories:
78 repositories
Unique Repos (30 days):
2 repositories
Security Advisories
Unbounded memory consumption in WebSocket client in hackney
EEF-CVE-2026-47073 GHSA-q8jg-fgj4-fphf CVE-2026-47073 HIGH published 16 days ago • updated about 11 hours ago
## Summary Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The WebSocket client in src/hack...
Atom table exhaustion via unrecognized URL schemes in hackney
EEF-CVE-2026-47067 GHSA-9653-rcfr-5c62 CVE-2026-47067 HIGH published 16 days ago • updated about 11 hours ago
## Summary Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackney\_u...
SSRF allowlist bypass via percent-encoded host in hackney
EEF-CVE-2026-47076 GHSA-pj7v-xfvx-wmjq CVE-2026-47076 MEDIUM published 16 days ago • updated about 11 hours ago
## Summary Interpretation Conflict vulnerability in benoitc hackney allows Server Side Request Forgery. hackney\_url:normalize/2 URL-decodes the h...
SOCKS5 TLS upgrade ignores caller timeout in hackney
EEF-CVE-2026-47071 GHSA-gp9c-pm5m-5cxr CVE-2026-47071 HIGH published 16 days ago • updated about 11 hours ago
## Summary Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 transport in src/hackney\_socks5.erl cor...
CRLF injection in cookie domain/path options in hackney
EEF-CVE-2026-47069 GHSA-mp55-p8c9-rfw2 CVE-2026-47069 LOW published 16 days ago • updated about 11 hours ago
## Summary Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in benoitc hackney allows HTTP Response Splitting. The hackn...
View all 12 advisories
Recent PRs (filtered by: Major PRs )
RSS Feed Clear filter
Bump hackney from 1.17.4 to 4.2.0

zidik/elixir_security_example #12

1.17.4 → 4.2.0 Major PR
Closed 7 days ago 1 comment
zidik
Bump hackney from 1.17.4 to 4.0.3

zidik/elixir_security_example #10

1.17.4 → 4.0.3 Major PR
Closed 13 days ago 1 comment
zidik
chore(deps): bump hackney from 1.25.0 to 3.1.0

WTTJ/algoliax #164

1.25.0 → 3.1.0 Major PR
Closed 4 months ago 1 comment
WTTJ
chore(deps): bump hackney from 1.25.0 to 3.1.0

WTTJ/chargebeex #195

1.25.0 → 3.1.0 Major PR
Closed 4 months ago 1 comment
WTTJ
chore(deps): bump hackney from 1.25.0 to 3.0.3

WTTJ/algoliax #163

1.25.0 → 3.0.3 Major PR
Closed 4 months ago 1 comment
WTTJ
chore(deps): bump hackney from 1.25.0 to 3.0.3

WTTJ/chargebeex #194

1.25.0 → 3.0.3 Major PR
Closed 4 months ago 1 comment
WTTJ
chore(deps): bump hackney from 1.25.0 to 3.0.2

WTTJ/algoliax #161

1.25.0 → 3.0.2 Major PR
Closed 4 months ago 1 comment
WTTJ
chore(deps): bump hackney from 1.25.0 to 3.0.1

WTTJ/algoliax #158

1.25.0 → 3.0.1 Major PR
Closed 4 months ago 1 comment
WTTJ
chore(deps): bump hackney from 1.25.0 to 2.0.1

WTTJ/algoliax #156

1.25.0 → 2.0.1 Major PR
Closed 5 months ago 1 comment
WTTJ
Package Details
Name: hackney
Ecosystem: hex
PURL Type: hex
Package URL: pkg:hex/hackney
JSON API: View JSON
Security Advisories

12

Active advisories
HIGH 5
LOW 3
View All hex Advisories
Package Information
Description:

simple HTTP client

Repository: https://github.com/benoitc/hackney
Latest Release: 1.24.1
about 1 year ago
Dependent Repos: 10,295
Dependent Packages: 528
Downloads: 155,146,523
Ranking: Top 0.122% by dependent repos Top 0.0193% by downloads Top 0.0385% by dependent pkgs
PR Status
Open 70 (37.4%)
Merged 35 (18.7%)
Closed 56 (29.9%)
PR Types
Major 9 (4.8%)
Minor 149 (79.7%)
Patch 3 (1.6%)