Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2026/05/28 3:58 a.m.14 views

SUSE CVE-2026-42790

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeycert and publickey modules allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted e.g...

7.6CVSS5.8AI score0.00338EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 7 : erlang-18.3.4.7-1.0.1.el7.AXS7 (AXSA:2017-2480:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-2480:01 advisory. The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS 1 1.5 padding. This allows an attacker to decrypt conten...

5.9CVSS6.6AI score0.22098EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/03/06 9:51 a.m.4 views

erlang: TLS server vulnerable to Adaptive Chosen Ciphertext attack allowing plaintext recovery or MITM attack

An erlang TLS server configured with cipher suites using RSA key exchange, may be vulnerable to an Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack against RSA. This may result in plain-text recovery of encrypted messages and/or a man-in-the-middle MiTM attack, despite the attacker not...

5.9CVSS6.4AI score0.22098EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/01/30 7:52 p.m.6 views

erlang: TLS server vulnerable to Adaptive Chosen Ciphertext attack allowing plaintext recovery or MITM attack

An erlang TLS server configured with cipher suites using RSA key exchange, may be vulnerable to an Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack against RSA. This may result in plain-text recovery of encrypted messages and/or a man-in-the-middle MiTM attack, despite the attacker not...

5.9CVSS6.4AI score0.22098EPSS
Exploits0References4
Rows per page
Query Builder