{
	"document":{
		"aggregate_severity":{
			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
			"text":"MEDIUM"
		},
		"category":"csaf_vex",
		"csaf_version":"2.0",
		"distribution":{
			"tlp":{
				"label":"WHITE",
				"url":"https:/www.first.org/tlp/"
			}
		},
		"lang":"en",
		"notes":[
			{
				"text":"Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory exhaustion.\n\nThe version parser converts numeric version components (major, minor, patch and numeric pre-release/build identifiers) to integers without bounding their length. A single large all-digit component therefore forces a super-linear, non-yielding base-10 to arbitrary-precision integer conversion (String.to_integer/1, i.e. :erlang.binary_to_integer/1) that pins a BEAM scheduler, and a larger component raises an uncaught SystemLimitError that crashes the calling process. A single moderately sized string (around one megabyte) is enough; no authentication is required.\n\nThis is reachable from the public entry points Version.parse/1, Version.parse!/1, Version.match?/3, Version.compare/2, and Version.parse_requirement/1, which applications routinely call on untrusted input such as HTTP parameters, dependency-manifest fields, and package metadata.\n\nThis vulnerability is associated with program files lib/version.ex and program routines 'Elixir.Version.Parser':parse_digits/2.\n\nThis issue affects Elixir: from 1.5.0 before 1.20.1.",
				"category":"general",
				"title":"Synopsis"
			}
		],
		"publisher":null,
		"references":[
			{
				"summary":"nvd cve",
				"category":"external",
				"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-49762"
			},
			{
				"summary":"CVE-2026-49762 vex file",
				"category":"self",
				"url":"https://repo.openeuler.org/security/data/csaf/cve/2026/csaf-openeuler-cve-2026-49762.json"
			},
			{
				"summary":"openEuler-SA-2026-2787",
				"category":"self",
				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2787"
			},
			{
				"summary":"CVE-2026-49762",
				"category":"self",
				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-49762&packageName=elixir"
			}
		],
		"title":"openEuler cve CVE-2026-49762",
		"tracking":{
			"initial_release_date":"2026-06-30T20:15:09+08:00",
			"revision_history":[
				{
					"date":"2026-06-30T20:15:09+08:00",
					"summary":"Initial",
					"number":"1.0.0"
				}
			],
			"generator":{
				"date":"2026-06-30T20:15:09+08:00",
				"engine":{
					"name":"openEuler CSAF Tool V1.0"
				}
			},
			"current_release_date":"2026-06-30T20:15:09+08:00",
			"id":"CVE-2026-49762",
			"version":"1.0.0",
			"status":"interim"
		}
	},
	"product_tree":{
		"branches":[
			{
				"name":"openEuler",
				"category":"vendor",
				"branches":[
					{
						"name":"openEuler",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
									},
									"product_id":"openEuler-22.03-LTS-SP4",
									"name":"openEuler-22.03-LTS-SP4"
								},
								"name":"openEuler-22.03-LTS-SP4",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
									},
									"product_id":"openEuler-24.03-LTS-SP1",
									"name":"openEuler-24.03-LTS-SP1"
								},
								"name":"openEuler-24.03-LTS-SP1",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3"
									},
									"product_id":"openEuler-24.03-LTS-SP3",
									"name":"openEuler-24.03-LTS-SP3"
								},
								"name":"openEuler-24.03-LTS-SP3",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
									},
									"product_id":"openEuler-20.03-LTS-SP4",
									"name":"openEuler-20.03-LTS-SP4"
								},
								"name":"openEuler-20.03-LTS-SP4",
								"category":"product_version"
							}
						],
						"category":"product_name"
					},
					{
						"name":"src",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
									},
									"product_id":"elixir-1.12.0-2.oe2203sp4.src.rpm",
									"name":"elixir-1.12.0-2.oe2203sp4.src.rpm"
								},
								"name":"elixir-1.12.0-2.oe2203sp4.src.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
									},
									"product_id":"elixir-1.14.4-3.oe2403sp1.src.rpm",
									"name":"elixir-1.14.4-3.oe2403sp1.src.rpm"
								},
								"name":"elixir-1.14.4-3.oe2403sp1.src.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3"
									},
									"product_id":"elixir-1.14.4-3.oe2403sp3.src.rpm",
									"name":"elixir-1.14.4-3.oe2403sp3.src.rpm"
								},
								"name":"elixir-1.14.4-3.oe2403sp3.src.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
									},
									"product_id":"elixir-1.9.0-2.oe2003sp4.src.rpm",
									"name":"elixir-1.9.0-2.oe2003sp4.src.rpm"
								},
								"name":"elixir-1.9.0-2.oe2003sp4.src.rpm",
								"category":"product_version"
							}
						],
						"category":"architecture"
					},
					{
						"name":"x86_64",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
									},
									"product_id":"elixir-1.12.0-2.oe2203sp4.x86_64.rpm",
									"name":"elixir-1.12.0-2.oe2203sp4.x86_64.rpm"
								},
								"name":"elixir-1.12.0-2.oe2203sp4.x86_64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
									},
									"product_id":"elixir-doc-1.12.0-2.oe2203sp4.x86_64.rpm",
									"name":"elixir-doc-1.12.0-2.oe2203sp4.x86_64.rpm"
								},
								"name":"elixir-doc-1.12.0-2.oe2203sp4.x86_64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
									},
									"product_id":"elixir-1.14.4-3.oe2403sp1.x86_64.rpm",
									"name":"elixir-1.14.4-3.oe2403sp1.x86_64.rpm"
								},
								"name":"elixir-1.14.4-3.oe2403sp1.x86_64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
									},
									"product_id":"elixir-doc-1.14.4-3.oe2403sp1.x86_64.rpm",
									"name":"elixir-doc-1.14.4-3.oe2403sp1.x86_64.rpm"
								},
								"name":"elixir-doc-1.14.4-3.oe2403sp1.x86_64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3"
									},
									"product_id":"elixir-1.14.4-3.oe2403sp3.x86_64.rpm",
									"name":"elixir-1.14.4-3.oe2403sp3.x86_64.rpm"
								},
								"name":"elixir-1.14.4-3.oe2403sp3.x86_64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3"
									},
									"product_id":"elixir-doc-1.14.4-3.oe2403sp3.x86_64.rpm",
									"name":"elixir-doc-1.14.4-3.oe2403sp3.x86_64.rpm"
								},
								"name":"elixir-doc-1.14.4-3.oe2403sp3.x86_64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
									},
									"product_id":"elixir-1.9.0-2.oe2003sp4.x86_64.rpm",
									"name":"elixir-1.9.0-2.oe2003sp4.x86_64.rpm"
								},
								"name":"elixir-1.9.0-2.oe2003sp4.x86_64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
									},
									"product_id":"elixir-doc-1.9.0-2.oe2003sp4.x86_64.rpm",
									"name":"elixir-doc-1.9.0-2.oe2003sp4.x86_64.rpm"
								},
								"name":"elixir-doc-1.9.0-2.oe2003sp4.x86_64.rpm",
								"category":"product_version"
							}
						],
						"category":"architecture"
					},
					{
						"name":"aarch64",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
									},
									"product_id":"elixir-1.12.0-2.oe2203sp4.aarch64.rpm",
									"name":"elixir-1.12.0-2.oe2203sp4.aarch64.rpm"
								},
								"name":"elixir-1.12.0-2.oe2203sp4.aarch64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
									},
									"product_id":"elixir-doc-1.12.0-2.oe2203sp4.aarch64.rpm",
									"name":"elixir-doc-1.12.0-2.oe2203sp4.aarch64.rpm"
								},
								"name":"elixir-doc-1.12.0-2.oe2203sp4.aarch64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
									},
									"product_id":"elixir-1.14.4-3.oe2403sp1.aarch64.rpm",
									"name":"elixir-1.14.4-3.oe2403sp1.aarch64.rpm"
								},
								"name":"elixir-1.14.4-3.oe2403sp1.aarch64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1"
									},
									"product_id":"elixir-doc-1.14.4-3.oe2403sp1.aarch64.rpm",
									"name":"elixir-doc-1.14.4-3.oe2403sp1.aarch64.rpm"
								},
								"name":"elixir-doc-1.14.4-3.oe2403sp1.aarch64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3"
									},
									"product_id":"elixir-1.14.4-3.oe2403sp3.aarch64.rpm",
									"name":"elixir-1.14.4-3.oe2403sp3.aarch64.rpm"
								},
								"name":"elixir-1.14.4-3.oe2403sp3.aarch64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3"
									},
									"product_id":"elixir-doc-1.14.4-3.oe2403sp3.aarch64.rpm",
									"name":"elixir-doc-1.14.4-3.oe2403sp3.aarch64.rpm"
								},
								"name":"elixir-doc-1.14.4-3.oe2403sp3.aarch64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
									},
									"product_id":"elixir-1.9.0-2.oe2003sp4.aarch64.rpm",
									"name":"elixir-1.9.0-2.oe2003sp4.aarch64.rpm"
								},
								"name":"elixir-1.9.0-2.oe2003sp4.aarch64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
									},
									"product_id":"elixir-doc-1.9.0-2.oe2003sp4.aarch64.rpm",
									"name":"elixir-doc-1.9.0-2.oe2003sp4.aarch64.rpm"
								},
								"name":"elixir-doc-1.9.0-2.oe2003sp4.aarch64.rpm",
								"category":"product_version"
							}
						],
						"category":"architecture"
					}
				]
			}
		],
		"relationships":[
			{
				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
				"product_reference":"elixir-1.12.0-2.oe2203sp4.src.rpm",
				"full_product_name":{
					"product_id":"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.src",
					"name":"elixir-1.12.0-2.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
				"product_reference":"elixir-1.14.4-3.oe2403sp1.src.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.src",
					"name":"elixir-1.14.4-3.oe2403sp1.src as a component of openEuler-24.03-LTS-SP1"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP3",
				"product_reference":"elixir-1.14.4-3.oe2403sp3.src.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.src",
					"name":"elixir-1.14.4-3.oe2403sp3.src as a component of openEuler-24.03-LTS-SP3"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
				"product_reference":"elixir-1.9.0-2.oe2003sp4.src.rpm",
				"full_product_name":{
					"product_id":"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.src",
					"name":"elixir-1.9.0-2.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
				"product_reference":"elixir-1.12.0-2.oe2203sp4.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.x86_64",
					"name":"elixir-1.12.0-2.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
				"product_reference":"elixir-doc-1.12.0-2.oe2203sp4.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-22.03-LTS-SP4:elixir-doc-1.12.0-2.oe2203sp4.x86_64",
					"name":"elixir-doc-1.12.0-2.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
				"product_reference":"elixir-1.14.4-3.oe2403sp1.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.x86_64",
					"name":"elixir-1.14.4-3.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
				"product_reference":"elixir-doc-1.14.4-3.oe2403sp1.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP1:elixir-doc-1.14.4-3.oe2403sp1.x86_64",
					"name":"elixir-doc-1.14.4-3.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP3",
				"product_reference":"elixir-1.14.4-3.oe2403sp3.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.x86_64",
					"name":"elixir-1.14.4-3.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP3",
				"product_reference":"elixir-doc-1.14.4-3.oe2403sp3.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP3:elixir-doc-1.14.4-3.oe2403sp3.x86_64",
					"name":"elixir-doc-1.14.4-3.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
				"product_reference":"elixir-1.9.0-2.oe2003sp4.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.x86_64",
					"name":"elixir-1.9.0-2.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
				"product_reference":"elixir-doc-1.9.0-2.oe2003sp4.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-20.03-LTS-SP4:elixir-doc-1.9.0-2.oe2003sp4.x86_64",
					"name":"elixir-doc-1.9.0-2.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
				"product_reference":"elixir-1.12.0-2.oe2203sp4.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.aarch64",
					"name":"elixir-1.12.0-2.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
				"product_reference":"elixir-doc-1.12.0-2.oe2203sp4.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-22.03-LTS-SP4:elixir-doc-1.12.0-2.oe2203sp4.aarch64",
					"name":"elixir-doc-1.12.0-2.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
				"product_reference":"elixir-1.14.4-3.oe2403sp1.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.aarch64",
					"name":"elixir-1.14.4-3.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP1",
				"product_reference":"elixir-doc-1.14.4-3.oe2403sp1.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP1:elixir-doc-1.14.4-3.oe2403sp1.aarch64",
					"name":"elixir-doc-1.14.4-3.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP3",
				"product_reference":"elixir-1.14.4-3.oe2403sp3.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.aarch64",
					"name":"elixir-1.14.4-3.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS-SP3",
				"product_reference":"elixir-doc-1.14.4-3.oe2403sp3.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS-SP3:elixir-doc-1.14.4-3.oe2403sp3.aarch64",
					"name":"elixir-doc-1.14.4-3.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
				"product_reference":"elixir-1.9.0-2.oe2003sp4.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.aarch64",
					"name":"elixir-1.9.0-2.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
				"product_reference":"elixir-doc-1.9.0-2.oe2003sp4.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-20.03-LTS-SP4:elixir-doc-1.9.0-2.oe2003sp4.aarch64",
					"name":"elixir-doc-1.9.0-2.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
				},
				"category":"default_component_of"
			}
		]
	},
	"vulnerabilities":[
		{
			"cve":"CVE-2026-49762",
			"notes":[
				{
					"text":"Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory exhaustion.\n\nThe version parser converts numeric version components (major, minor, patch and numeric pre-release/build identifiers) to integers without bounding their length. A single large all-digit component therefore forces a super-linear, non-yielding base-10 to arbitrary-precision integer conversion (String.to_integer/1, i.e. :erlang.binary_to_integer/1) that pins a BEAM scheduler, and a larger component raises an uncaught SystemLimitError that crashes the calling process. A single moderately sized string (around one megabyte) is enough; no authentication is required.\n\nThis is reachable from the public entry points Version.parse/1, Version.parse!/1, Version.match?/3, Version.compare/2, and Version.parse_requirement/1, which applications routinely call on untrusted input such as HTTP parameters, dependency-manifest fields, and package metadata.\n\nThis vulnerability is associated with program files lib/version.ex and program routines 'Elixir.Version.Parser':parse_digits/2.\n\nThis issue affects Elixir: from 1.5.0 before 1.20.1.",
					"category":"description",
					"title":"Vulnerability Description"
				}
			],
			"product_status":{
				"fixed":[
					"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.src",
					"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.src",
					"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.src",
					"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.src",
					"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.x86_64",
					"openEuler-22.03-LTS-SP4:elixir-doc-1.12.0-2.oe2203sp4.x86_64",
					"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.x86_64",
					"openEuler-24.03-LTS-SP1:elixir-doc-1.14.4-3.oe2403sp1.x86_64",
					"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.x86_64",
					"openEuler-24.03-LTS-SP3:elixir-doc-1.14.4-3.oe2403sp3.x86_64",
					"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.x86_64",
					"openEuler-20.03-LTS-SP4:elixir-doc-1.9.0-2.oe2003sp4.x86_64",
					"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.aarch64",
					"openEuler-22.03-LTS-SP4:elixir-doc-1.12.0-2.oe2203sp4.aarch64",
					"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.aarch64",
					"openEuler-24.03-LTS-SP1:elixir-doc-1.14.4-3.oe2403sp1.aarch64",
					"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.aarch64",
					"openEuler-24.03-LTS-SP3:elixir-doc-1.14.4-3.oe2403sp3.aarch64",
					"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.aarch64",
					"openEuler-20.03-LTS-SP4:elixir-doc-1.9.0-2.oe2003sp4.aarch64"
				]
			},
			"remediations":[
				{
					"product_ids":[
						"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.src",
						"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.src",
						"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.src",
						"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.src",
						"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.x86_64",
						"openEuler-22.03-LTS-SP4:elixir-doc-1.12.0-2.oe2203sp4.x86_64",
						"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.x86_64",
						"openEuler-24.03-LTS-SP1:elixir-doc-1.14.4-3.oe2403sp1.x86_64",
						"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.x86_64",
						"openEuler-24.03-LTS-SP3:elixir-doc-1.14.4-3.oe2403sp3.x86_64",
						"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.x86_64",
						"openEuler-20.03-LTS-SP4:elixir-doc-1.9.0-2.oe2003sp4.x86_64",
						"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.aarch64",
						"openEuler-22.03-LTS-SP4:elixir-doc-1.12.0-2.oe2203sp4.aarch64",
						"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.aarch64",
						"openEuler-24.03-LTS-SP1:elixir-doc-1.14.4-3.oe2403sp1.aarch64",
						"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.aarch64",
						"openEuler-24.03-LTS-SP3:elixir-doc-1.14.4-3.oe2403sp3.aarch64",
						"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.aarch64",
						"openEuler-20.03-LTS-SP4:elixir-doc-1.9.0-2.oe2003sp4.aarch64"
					],
					"details":"elixir security update",
					"category":"vendor_fix",
					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2787"
				}
			],
			"scores":[
				{
					"cvss_v3":{
						"baseSeverity":"MEDIUM",
						"baseScore":5.1,
						"vectorString":"CVSS:3.1/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
						"version":"3.1"
					},
					"products":[
						"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.src",
						"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.src",
						"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.src",
						"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.src",
						"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.x86_64",
						"openEuler-22.03-LTS-SP4:elixir-doc-1.12.0-2.oe2203sp4.x86_64",
						"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.x86_64",
						"openEuler-24.03-LTS-SP1:elixir-doc-1.14.4-3.oe2403sp1.x86_64",
						"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.x86_64",
						"openEuler-24.03-LTS-SP3:elixir-doc-1.14.4-3.oe2403sp3.x86_64",
						"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.x86_64",
						"openEuler-20.03-LTS-SP4:elixir-doc-1.9.0-2.oe2003sp4.x86_64",
						"openEuler-22.03-LTS-SP4:elixir-1.12.0-2.oe2203sp4.aarch64",
						"openEuler-22.03-LTS-SP4:elixir-doc-1.12.0-2.oe2203sp4.aarch64",
						"openEuler-24.03-LTS-SP1:elixir-1.14.4-3.oe2403sp1.aarch64",
						"openEuler-24.03-LTS-SP1:elixir-doc-1.14.4-3.oe2403sp1.aarch64",
						"openEuler-24.03-LTS-SP3:elixir-1.14.4-3.oe2403sp3.aarch64",
						"openEuler-24.03-LTS-SP3:elixir-doc-1.14.4-3.oe2403sp3.aarch64",
						"openEuler-20.03-LTS-SP4:elixir-1.9.0-2.oe2003sp4.aarch64",
						"openEuler-20.03-LTS-SP4:elixir-doc-1.9.0-2.oe2003sp4.aarch64"
					]
				}
			],
			"threats":[
				{
					"details":"Medium",
					"category":"impact"
				}
			],
			"title":"CVE-2026-49762"
		}
	]
}