5 matches found
erlang-28.1.1-1.1 on GA media (moderate)
erlang-28.1.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15706-1 Rating: moderate Cross-References: CVE-2016-1000107 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the erlang-28.1.1-1....
Erlang/OTP (Erlang OTP) Httpd CGI Scripts Environment Variable Pollution Vulnerability (Sep 2025, httpoxy) - Windows
Erlang/OTP Erlang OTP is prone to a Httpd CGI scripts environment variable pollution vulnerability in the inets component dubbed SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Advisory ROSA-SA-2021-1829
Software: erlang R16B OS: Cobalt 7.9 CVE-ID: CVE-2011-0766 CVE-Crit: MEDIUM CVE-DESC: The random number generator in the Crypto application before 2.0.2.2.2 and SSH before 2.0.5, which was used in the Erlang / OTP ssh library before R14B03, uses predictable starting numbers based on the current...
UBUNTU-CVE-2016-1000107
inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an...
CVE-2016-1000107
CVE-2016-1000107 is described across multiple feeds as an httpoxy-style vulnerability in Erlang’s inets component, affecting Erlang versions possibly 22.1 and earlier. The issue arises because inets follows RFC 3875 section 4.1.18 and does not guard against untrusted client data in the HTTP_PROXY...