Lucene search
+L

9 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/11/19 6:43 a.m.4 views

Security Bulletin: Erlang/OTP SSH Handshake Hardening Bypass Enables MitM Injection (Patched in OTP 25–27 Updates)

Summary Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged...

3.7CVSS6.6AI score0.0046EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/07/23 12:0 a.m.2 views

Ubuntu: Security Advisory (USN-7656-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.8CVSS4.2AI score0.0046EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.4 views

Azure Linux 3.0 Security Update: erlang (CVE-2025-46712)

The version of erlang installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-46712 advisory. - Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for...

3.7CVSS5.8AI score0.0046EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.4 views

CBL Mariner 2.0 Security Update: erlang (CVE-2025-46712)

The version of erlang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-46712 advisory. - Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for...

3.7CVSS5.8AI score0.0046EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/07/10 3:9 p.m.7 views

CVE-2025-46712 affecting package erlang for versions less than 26.2.5.12-1

CVE-2025-46712 affecting package erlang for versions less than 26.2.5.12-1. An upgraded version of the package is available that resolves this issue...

3.7CVSS7.3AI score0.0046EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/07/10 3:7 p.m.5 views

CVE-2025-46712 affecting package erlang for versions less than 25.3.2.21-1

CVE-2025-46712 affecting package erlang for versions less than 25.3.2.21-1. An upgraded version of the package is available that resolves this issue...

3.7CVSS7.3AI score0.0046EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/05/08 7:26 p.m.15 views

CVE-2025-46712

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This...

3.7CVSS5.2AI score0.0046EPSS
Exploits0
Cvelist
Cvelist
added 2025/05/08 7:26 p.m.16 views

CVE-2025-46712 Erlang/OTP SSH Has Strict KEX Violations

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This...

3.7CVSS0.0046EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/05/08 7:26 p.m.13 views

CVE-2025-46712 Erlang/OTP SSH Has Strict KEX Violations

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This...

3.7CVSS7AI score0.0046EPSS
Exploits0References5
Rows per page
Query Builder