Erlang/OTP 27.0 < 27.3.4.12 / 28.0 < 28.5.0.1 / 29.0 < 29.0.1 OCSP Expired Responder Certificate Bypass (CVE-2026-42791)

The version of Erlang/OTP installed on the remote host is 27.0 prior to 27.3.4.12, 28.0 prior to 28.5.0.1, or 29.0 prior to 29.0.1. It is, therefore, affected by a vulnerability: - Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses...

Unity Linux 20.1060e / 20.1070e Security Update: erlang (UTSA-2026-006131)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006131 advisory. Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an...

CVE-2025-48041 affecting package erlang for versions less than 25.3.2.21-4

CVE-2025-48041 affecting package erlang for versions less than 25.3.2.21-4. A patched version of the package is available...

SUSE CVE-2025-48041

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....

OESA-2025-1552 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...

OESA-2025-1492 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...

OESA-2023-1941 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, a...

PT-2016-3603 · Erlang +1 · Erlang/Otp +1

Name of the Vulnerable Software and Affected Versions: Erlang/OTP versions prior to 18.0-rc1 Description: The issue makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of the POODLE attack. This occurs because Erlang/OTP does not properl...