42 matches found
EUVD-2025-27678
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-48038
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...
AZL-67118 CVE-2025-48038 affecting package erlang for versions less than 25.3.2.21-4
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4...
CVE-2025-48041 SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....
CVE-2025-48038 Unverified File Handles can Cause Excessive Use of System Resources
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...
PT-2025-37162
Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 28.0.3 Erlang OTP versions 26.2.5.15 through 27.3.4.3 Erlang OTP versions 27.3.4.3 Erlang OTP versions 28.0.3 ssh versions 3.0.1 through 5.3.3 ssh versions 5.1.4.12 ssh versions 5.2.11.3 Description An Allocati...
PT-2025-37163
Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 28.0.3 Erlang OTP versions 26.2.5.15 through 27.3.4.3 Erlang OTP versions 27.3.4.3 Erlang OTP versions 28.0.3 ssh versions 3.0.1 through 5.3.3 ssh versions 5.1.4.12 ssh versions 5.2.11.3 Description An Allocati...
Erlang/OTP 安全漏洞
Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library catches exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP versions 17.0 through 28.0.3, 27.3.4.3, and 26.2.5.15, which stems from...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
CVE-2025-32433: Erlang/OTP SSH Unauthenticated RCE PoC !CVE-...
Linux Distros Unpatched Vulnerability : CVE-2025-46712
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 fo...
OESA-2025-1767 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Improper Limitation of a Pathname to a Restricted...
AZL-64068 CVE-2025-4748 affecting package erlang for versions less than 25.3.2.21-2
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...
VulnCheck KEV: CVE-2025-32433
Erlang Erlang/OTP SSH server contains a missing authentication for critical function vulnerability. This could allow an attacker to execute arbitrary commands without valid credentials, potentially leading to unauthenticated remote code execution RCE. By exploiting a flaw in how SSH protocol...
The vulnerability of theOTP library set in the Erlang programming language lies in the lack of control over the data entered by users. This allows attackers to trigger a service failure.
The vulnerability of theOTP library in the Erlang programming language is related to the lack of control over the data entered by users. Exploiting this vulnerability could allow a malicious actor to cause service failures...
DEBIAN-CVE-2025-46712
Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
Erlang-OTP-SSH-CVE-2025-32433 Exploit Erlang/OTP SSH CVE-202...
DEBIAN-CVE-2025-32433
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution RCE. By exploiting a flaw in SSH protocol message handling, a malicious actor...
Erlang/OTP 安全漏洞
Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library can catch exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP versions prior to OTP-27.3.1, prior to OTP-26.2.5.10, and prior to...
AZL-57095 CVE-2025-26618 affecting package erlang for versions less than 25.2-3
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...
SUSE CVE-2024-53846
OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...