Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-53846

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design...

5.5CVSS5.5AI score0.00251EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/23 12:0 a.m.8 views

Erlang/OTP 25.3.2.8 < 25.3.2.16 / 26.2 < 26.2.5.6 / 27.0 < 27.1.3 Improper Certificate Validation (CVE-2024-53846)

The version of Erlang/OTP installed on the remote host is 25.3.2.8 prior to 25.3.2.16, 26.2 prior to 26.2.5.6, or 27.0 prior to 27.1.3. It is, therefore, affected by an improper certificate validation vulnerability: - OTP is a set of Erlang libraries, which consists of the Erlang runtime system, ...

5.5CVSS5.8AI score0.00251EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/04/25 12:0 a.m.7 views

Erlang/OTP (Erlang OTP) Improper Certificate Validation Vulnerability (Dec 2024)

Erlang/OTP Erlang OTP is prone to an improper certificate validation vulnerability in the ssl component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

5.5CVSS6.9AI score0.00251EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2024/12/19 12:10 a.m.13 views

CVE-2024-53846 affecting package erlang for versions less than 26.2.5.6-1

CVE-2024-53846 affecting package erlang for versions less than 26.2.5.6-1. An upgraded version of the package is available that resolves this issue...

5.5CVSS7AI score0.00251EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/12/05 8:12 p.m.9 views

CVE-2024-53846

A regression flaw was introduced into Erlang OTP's SSL application. This issue results in a server or client verifying the peer when incorrect extended key usage is presented. For example, a server will verify if a client has server auth ext key usage and vice versa...

5.5CVSS6.8AI score0.00251EPSS
Exploits0References4
NVD
NVD
added 2024/12/05 5:15 p.m.20 views

CVE-2024-53846

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...

5.5CVSS0.00251EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/12/05 5:15 p.m.1 views

CVE-2024-53846

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...

5.5CVSS6.1AI score0.00251EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/05 5:2 p.m.23 views

CVE-2024-53846 ssl fails to validate incorrect extened key usage

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...

5.5CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added 2024/12/05 5:2 p.m.108 views

CVE-2024-53846

CVE-2024-53846 affects Erlang/OTP’s ssl validation. Connected advisories show that a regression in the ssl app introduced improper peer verification when incorrect extended key usage is presented, affecting OTP releases: 25.3.2.8 and later up to 25.3.2.16, 26.2 up to 26.2.5.6, and 27.0 up to 27.1...

5.5CVSS5.6AI score0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/05 5:2 p.m.7 views

CVE-2024-53846 ssl fails to validate incorrect extened key usage

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...

5.5CVSS7AI score0.00251EPSS
Exploits0References1
Rows per page
Query Builder