11 matches found
Erlang/OTP 27.0 < 27.3.4.12 / 28.0 < 28.5.0.1 / 29.0 < 29.0.1 OCSP Expired Responder Certificate Bypass (CVE-2026-42791)
The version of Erlang/OTP installed on the remote host is 27.0 prior to 27.3.4.12, 28.0 prior to 28.5.0.1, or 29.0 prior to 29.0.1. It is, therefore, affected by a vulnerability: - Improper Certificate Validation vulnerability in Erlang OTP public_key pubkey_ocsp module allows forged OCSP responses...
[SECURITY] Fedora 42 Update: erlang-26.2.5.19-1.fc42
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson...
Erlang/OTP 27.x < 27.3.4.10 / 28.x < 28.4.2 OCSP Certificate Validation Bypass (CVE-2026-32144)
The version of Erlang/OTP installed on the remote host is 27.x prior to 27.3.4.10 or 28.x prior to 28.4.2. It is, therefore, affected by a certificate validation bypass vulnerability: - Improper certificate validation in the public_key application's OCSP response validation allows an attacker who...
CVE-2026-28809 XXE in esaml SAML library allows local file read and potential SSRF
XML External Entity (XXE) vulnerability in esaml and its forks allows an attacker to cause the system to read local files and incorporate their contents into processed SAML documents, and potentially perform SSRF via crafted SAML messages. esaml parses attacker-controlled SAML messages using...
PT-2026-27105
Name of the Vulnerable Software and Affected Versions: esaml and its forks (affected versions not specified). Description: The software contains a flaw related to XML External Entity (XXE) processing. An attacker can potentially read local files and include their contents within processed SAML documents...
CVE-2026-23942 affecting package erlang for versions less than 25.3.2.21-5
CVE-2026-23942 affecting package erlang for versions less than 25.3.2.21-5. A patched version of the package is available...
OPENSUSE-SU-2025:15706-1 erlang-28.1.1-1.1 on GA media
These are all security issues fixed in the erlang-28.1.1-1.1 package on the GA media of openSUSE Tumbleweed...
EUVD-2016-1052
Malware in sbrugna...
SUSE CVE-2020-25623
Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used...
Erlang/OTP Code Issue Vulnerability
erlang/otp is a personal developer of a library written in JavaScript to handle exceptions. The library catches exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP version 23.2.3 and earlier versions, which can be exploited to hijack the account o...
DEBIAN-CVE-2020-35733
An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority...