High
CVE-2026-32689
Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix allows a denial of service via the long-poll transport's NDJSON body handling. In 'Elixir.Phoenix.Trans…
Tag: Phoenix Framework
All CVEs associated with "Phoenix Framework". Page 1/1 • 2 CVEs.
About “Phoenix Framework”
A curated feed of “Phoenix Framework”-related CVEs appears below. We currently track 2 CVEs for this tag (all time). In the last 365 days, 1 were published. Average CVSS is 7.4 (all time; 8.7 over 365d), and 50% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-770 - Allocation of Resources Without Limits or Throttling.
In our taxonomy this topic maps to a LOW impact class. Language runtimes and libraries cascade through dependency graphs. Upgrade runtime and toolchain, pin versions, rebuild images, and enable SAST or DAST and linters. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
Support & lifecycle: phoenix-framework
This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.
| Cycle | Release | Latest | Premier Support | EOL | LTS |
|---|---|---|---|---|---|
| 1.8 | 1.8.7 | Unavailable | - | ||
| 1.7 | 1.7.23 | - | |||
| 1.6 | 1.6.16 | - | |||
| 1.5 | 1.5.14 | - | |||
| 1.4 | 1.4.18 | Expired | |||
| 1.3 | 1.3.5 | Expired | |||
| 1.2 | 1.2.5 | Expired | |||
| 1.1 | 1.1.9 | Expired | |||
| 1.0 | 1.0.6 | Expired |
Maintained Soon (≤ 180 days) Expired
Subscribe lifecycle: RSS (expired) · ICS
Subscribe CVEs: RSS for “Phoenix Framework” · RSS (High+Critical only)
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2026-05-05
2017-11-17
Medium
CVE-2017-1000163
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering…