mint has 4 known vulnerabilities on the latest version (1.9.0). DepScope rates its health at 60/100 (moderate risk).

What is the latest version of mint?

The latest version of mint is 1.9.0, released 2026-06-02.

Does mint have known vulnerabilities?

Yes. mint has 4 known vulnerabilities. See depscope.dev/pkg/hex/mint for details.

No, mint is actively maintained. Latest release: 1.9.0 (2026-06-02).

What are alternatives to mint?

DepScope has no curated alternatives for mint at this time.

What license does mint use?

mint is licensed under Apache-2.0.

mint

hexv1.9.0

Small and composable HTTP client.

License Apache-2.0permissive24 versions2 maintainers0 deps333,598 weekly dl

elixir-mint/mint

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Update to >= b662d127d3028b5426c88d4c9cc7fe430491a10b to fix known vulnerabilities

Moderate health score (60/100) — verify manually
2 high severity vulnerabilities

Health breakdown0 – 100

25/25

maintenance

14/20

popularity

13/25

security

12/15

maturity

8/15

community

0/15

popularity_floor

Vulnerabilities

2 high1 medium1 low

Advisories (4)

Severity	ID	Summary	Fixed in
low	CVE-2026-48861	CRLF injection in HTTP/1 request line via unvalidated method in Mint	fad091454cbb7449b19edb8e1fee12ca7cf28c3a
high	CVE-2026-48862	Unbounded conn.streams growth in Mint HTTP/2 client via unenforced PUSH_PROMISE concurrency	70b97b6a5209fb288b0e04d8e657dda26c59de67
medium	CVE-2026-49753	HTTP response smuggling in Mint HTTP/1 client via lenient Content-Length parsing	47e48027480228e4e32a0b4df39db497b4804921
high	CVE-2026-49754	HTTP/2 CONTINUATION flood in Mint client via unbounded header-block accumulation	b662d127d3028b5426c88d4c9cc7fe430491a10b

OSS Scorecard

OpenSSF security posture score

4.4/10

weak

Maintainer trust

Active maintainers (3m)

6

Contributors (12m)

8

Primary author dominance

29%

GitHub stars

1,411

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/hex/mint

First published · 2019-02-25T16:40:28.746182Z

Last updated · 2026-06-02T14:03:07.242827Z