43 matches found

F5 Networks
added 2026/05/05 7:41 p.m. | 5 views

K000161125: Erlang vulnerability CVE-2025-4748

Security Advisory Description Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines...

CVSS 4.8 | AI score 5.8 | EPSS 0.00375
Exploits: 0

AstraLinux
added 2026/05/03 11:59 p.m. | 1 view

Astra Linux - vulnerability in erlang

Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...

CVSS 7 | AI score 6.7 | EPSS 0.0043
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m. | 5 views

Astra Linux - vulnerability in erlang

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19, a maliciously formed KEX init message could result in high memory usage. The implementation does not verify the RFC specified limits on the length of algorithm nam...

CVSS 7.5 | AI score 7.1 | EPSS 0.00154
Exploits: 0 | References: 2

Tenable Nessus
added 2026/04/16 12:0 a.m. | 2 views

Fedora 43 : erlang (2026-53a7ddccc8)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-53a7ddccc8 advisory. Erlang ver. 26.2.5.19 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

CVSS 9.8 | AI score 5.4 | EPSS 0.00047
Exploits: 0 | References: 3

Tenable Nessus
added 2026/04/08 12:0 a.m. | 0 views

Linux Distros Unpatched Vulnerability : CVE-2026-28810

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel (inet_res, inet_db modules) allows DNS Cache Poisoning. The built-in DNS resolve...

CVSS 6.3 | AI score 5.8 | EPSS 0.00047
Exploits: 0 | References: 3

Vulnrichment
added 2026/04/07 12:28 p.m. | 2 views

CVE-2026-32144 OCSP designated-responder authorization bypass via missing signature verification

Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in public_key:pkix_ocsp_validate/5 does not verify that a CA-designated responder certificate...

CVSS 7.6 | AI score 5.9 | EPSS 0.00039
Exploits: 0 | References: 6

CNNVD
added 2026/02/20 12:0 a.m. | 3 views

Erlang/OTP security vulnerability

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by the built-in APIs of node.js. Erlang/OTP has a security vulnerability, which stems from issues with relative path traversal and improper isolation in the tftp_file module. These...

CVSS 2.3 | AI score 5.8 | EPSS 0.00039
Exploits: 0 | References: 6

Tenable Nessus
added 2026/01/14 12:0 a.m. | 3 views

Ubuntu 24.04 LTS : Erlang vulnerability (USN-7961-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7961-1 advisory. It was discovered that Erlang incorrectly validated peer certificates when incorrect extended key usage was presented. A remote attacker could possibly use this...

CVSS 5.5 | AI score 5.9 | EPSS 0.00057
Exploits: 0 | References: 2

Tenable Nessus
added 2025/10/28 12:0 a.m. | 2 views

SUSE SLES15 / openSUSE 15 Security Update : erlang (SUSE-SU-2025:3807-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3807-1 advisory. - CVE-2025-48041: fixed erlang exhaustion of file handles in SSH (bsc#1249473). Tenable has extracted the preceding description...

CVSS 7.1 | AI score 5.8 | EPSS 0.00212
Exploits: 0 | References: 4

OpenVAS
added 2025/10/23 12:0 a.m. | 2 views

Ubuntu: Security Advisory (USN-7831-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.1 | AI score 6.8 | EPSS 0.00214
Exploits: 0 | References: 2

OSV
added 2025/10/21 2:8 p.m. | 0 views

USN-7831-1 erlang vulnerabilities

It was discovered that Erlang incorrectly handled resource allocation and consumption in the SFTP SSH module. An attacker could possibly use this issue to cause Erlang to consume excessive resources, leading to a denial of service...

CVSS 7.1 | AI score 5.8 | EPSS 0.00214
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2021-15860

Malware in sbrugna...

CVSS 7 | AI score 6.9 | EPSS 0.00039
Exploits: 1 | References: 3

OpenVAS
added 2025/09/15 12:0 a.m. | 2 views

Erlang/OTP (Erlang OTP) Directory Traversal Vulnerability (Sep 2020) - Linux

Erlang/OTP Erlang OTP is prone to a directory traversal vulnerability in the httpd module of the inets component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVSS 7.5 | AI score 6.9 | EPSS 0.00934
Exploits: 0 | References: 2

OSV
added 2025/09/11 9:15 a.m. | 2 views

AZL-67124 CVE-2025-48041 affecting package erlang for versions less than 26.2.5.15-1

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....

CVSS 7.1 | AI score 5.8 | EPSS 0.00212
Exploits: 0 | References: 1

OSV
added 2025/09/11 9:15 a.m. | 2 views

AZL-67127 CVE-2025-48039 affecting package erlang for versions less than 26.2.5.15-1

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

CVSS 5.3 | AI score 5.7 | EPSS 0.00212
Exploits: 0 | References: 1

CNNVD
added 2025/09/11 12:0 a.m. | 1 view

Erlang/OTP security vulnerability

Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library catches exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP versions 17.0 through 28.0.3, 27.3.4.3, and 26.2.5.15, which stems from an...

CVSS 7.1 | AI score 6.3 | EPSS 0.00212
Exploits: 0 | References: 5

Tenable Nessus
added 2025/08/26 12:0 a.m. | 1 view

Linux Distros Unpatched Vulnerability : CVE-2025-30211

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init...

CVSS 7.5 | AI score 7.1 | EPSS 0.00154
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/07 12:0 a.m. | 3 views

CBL Mariner 2.0 Security Update: erlang (CVE-2025-4748)

The version of erlang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4748 advisory. - Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdl...

CVSS 4.8 | AI score 6.5 | EPSS 0.00375
Exploits: 0 | References: 2

Ubuntu
added 2025/07/17 1:12 p.m. | 4 views

USN-7443-3: Erlang vulnerability

USN-7443-1 fixed a vulnerability in Erlang. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, and Jörg Schwenk discovered that Erlang OTP’s SSH module incorrectly handled authenticatio...

CVSS 10 | AI score 8.4 | EPSS 0.62846
Exploits: 34

Tenable Nessus
added 2025/07/17 12:0 a.m. | 2 views

SUSE SLES15 / openSUSE 15 Security Update : erlang (SUSE-SU-2025:02332-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02332-1 advisory. - CVE-2025-4748: Fixed improper limitation of a pathname to a restricted directory vulnerability in Erlang OTP stdlib modules...

CVSS 4.8 | AI score 6.5 | EPSS 0.00375
Exploits: 0 | References: 4