Astra Linux – Vulnerability in Erlang

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server might allow an attacker to perform unauthenticated remote code execution RCE. By exploiting a flaw in the SSH protocol’s message handling, a malicious...

[SECURITY] Fedora 43 Update: erlang-26.2.5.19-1.fc43

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson...

[SECURITY] Fedora 42 Update: erlang-26.2.5.17-1.fc42

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson...

[SECURITY] Fedora 43 Update: erlang-26.2.5.17-1.fc43

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson...

CVE-2025-48040 Malicious Key Exchange Messages may Lead to Excessive Resource Consumption

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to...

The vulnerability of theOTP library set in the Erlang programming language lies in the lack of control over the data entered by users. This allows attackers to trigger a service failure.

The vulnerability of theOTP library in the Erlang programming language is related to the lack of control over the data entered by users. Exploiting this vulnerability could allow a malicious actor to cause service failures...

OESA-2025-1553 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...

UBUNTU-CVE-2025-26618

Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...

The vulnerability of the Erlang programming language, related to errors in the certificate validation process, allows attackers to access confidential data.

The vulnerability of the Erlang programming language is related to errors in the certificate validation process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to confidential data...

erlang: TLS server vulnerable to Adaptive Chosen Ciphertext attack allowing plaintext recovery or MITM attack

An erlang TLS server configured with cipher suites using RSA key exchange, may be vulnerable to an Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack against RSA. This may result in plain-text recovery of encrypted messages and/or a man-in-the-middle MiTM attack, despite the attacker not...