Lucene search
K

48 matches found

RedhatCVE
RedhatCVE
added 6 days ago5 views

CVE-2026-53422

A flaw was found in Erlang OTP's Secure Shell SSH component, specifically within the SSH File Transfer Protocol SFTP daemon's sshsftpd module. An authenticated SFTP user can exploit an observable response discrepancy in the REALPATH handler to enumerate the existence of files and directories...

4.3CVSS5.9AI score0.00262EPSS
Exploits0References10
OSV
OSV
added 2026/07/02 5:17 p.m.9 views

UBUNTU-CVE-2026-54891

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS6AI score0.00135EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/07/02 4:6 p.m.7 views

CVE-2026-54887

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...

6.3CVSS5.8AI score0.00243EPSS
Exploits0
EUVD
EUVD
added 2026/07/02 4:6 p.m.7 views

EUVD-2026-41410

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

2.3CVSS5.8AI score0.00262EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/06/12 2:25 a.m.12 views

SUSE CVE-2026-48858

Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...

6.5CVSS5.5AI score0.00234EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.8 views

FreeBSD : Erlang/OTP -- SFTP READLINK discloses server filesystem paths (d87e41a4-64d4-11f1-ab11-4c526214c986)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87e41a4-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-pv7g-pjrq-x2fh reports: The SSH SFTP daemon's...

6.5CVSS5.3AI score0.00277EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-49759

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based Buffer Overflow vulnerability in Erlang OTP erts inetdrv allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP...

8.8CVSS6AI score0.00497EPSS
Exploits0References3
NVD
NVD
added 2026/06/10 4:17 p.m.13 views

CVE-2026-49759

Stack-based Buffer Overflow vulnerability in Erlang OTP erts inetdrv allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctpparseerrorchunk function in erts/emulator/drivers/common/inetdrv.c parses SCTP ERROR chunks and writes cause codes int...

8.8CVSS0.00497EPSS
Exploits0References8
NVD
NVD
added 2026/06/10 4:17 p.m.12 views

CVE-2026-49760

Stack-based Buffer Overflow vulnerability in Erlang OTP erlinterface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erlinterface/src/misc/eiprintterm.c and program routine eisprintterm. The C function eisprintterm uses an internal 2000-character stack...

6.9CVSS0.00136EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/10 2:35 p.m.11 views

CVE-2026-48858 ftp client PASV response IP not validated against control peer, enabling SSRF and FTP bounce attacks

Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...

6.3CVSS5.6AI score0.00234EPSS
Exploits0References6
CVE
CVE
added 2026/06/10 2:35 p.m.34 views

CVE-2026-48858

The CVE-2026-48858 entry describes a Server-Side Request Forgery (SSRF) flaw in Erlang/OTP ftp’s PASV path: the ftp_internal PASV handler accepts the server’s 227 response IP and passes it to gen_tcp:connect without validating it against the control connection peer, unlike EPSV handlers. This ena...

6.5CVSS5.6AI score0.00234EPSS
Exploits0References6Affected Software3
EUVD
EUVD
added 2026/06/10 2:35 p.m.9 views

EUVD-2026-36053

Stack-based Buffer Overflow vulnerability in Erlang OTP erts inetdrv allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctpparseerrorchunk function in erts/emulator/drivers/common/inetdrv.c parses SCTP ERROR chunks and writes cause codes int...

8.8CVSS5.6AI score0.00497EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2026/06/10 12:0 a.m.8 views

Erlang/OTP -- FTP passive-mode client does not validate server response IP

https://github.com/erlang/otp/security/advisories/GHSA-24cv-hwgr-37fq reports: The FTP client in passive mode did not validate the IP address returned in the server's response, allowing a compromised or malicious server to redirect the data connection to an arbitrary host. This enables server-sid...

6.5CVSS5.6AI score0.00234EPSS
Exploits0References1
CVE
CVE
added 2026/06/08 2:12 p.m.42 views

CVE-2026-43973

CVE-2026-43973 concerns the Erlang/Elixir library gun_http in the Gun framework. The vulnerability is an uncontrolled resource consumption: three code paths in gun_http:handle/5 accumulate TCP data into a connection buffer using binary concatenation with no upper bound. If a malicious server send...

8.7CVSS5.8AI score0.00381EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/27 3:9 p.m.9 views

CVE-2026-42790 nameConstraints DNS bypass via subject CommonName fallback in public_key hostname verification

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeycert and publickey modules allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted e.g...

7.6CVSS5.8AI score0.00338EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/27 3:9 p.m.11 views

CVE-2026-42790

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeycert and publickey modules allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted e.g...

7.6CVSS5.8AI score0.00338EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:23 p.m.13 views

CVE-2026-42791

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

6.3CVSS5.8AI score0.00316EPSS
Exploits0
OSV
OSV
added 2026/05/27 12:23 p.m.8 views

EEF-CVE-2026-42791 OCSP responder certificate validity period not checked in public_key

Summary Improper Certificate Validation vulnerability in Erlang OTP public\key pubkey\ocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkey\ocsp:verify\response/5 and pubkey\ocsp:is\authorized\responder/...

6.3CVSS6.1AI score0.00316EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 12:23 p.m.42 views

CVE-2026-42789 Non-CA certificate accepted as intermediate issuer in public_key path validation

Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP publickey pubkeycert module allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/publickey/src/pubkeycert.erl, pubkeycert:validateextensions/7 contains two...

7CVSS0.00322EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.10 views

PT-2026-44041

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 19.3 through 26.2.5.20 Erlang OTP versions 26.2.5.21 through 27.3.4.11 Erlang OTP versions 27.3.4.12 through 28.5.0.0 Erlang OTP versions 28.5.0.1 through 29.0.0 public key versions 1.4 through 1.15.1.6 public key versions...

8.1CVSS5.8AI score0.00338EPSS
Exploits0References40
Rows per page
Query Builder