Lucene search
+L

9 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.13 views

Erlang/OTP 27.0 < 27.3.4.12 / 28.0 < 28.5.0.1 / 29.0 < 29.0.1 OCSP Expired Responder Certificate Bypass (CVE-2026-42791)

The version of Erlang/OTP installed on the remote host is 27.0 prior to 27.3.4.12, 28.0 prior to 28.5.0.1, or 29.0 prior to 29.0.1. It is, therefore, affected by a vulnerability: - Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses...

6.3CVSS5.8AI score0.00316EPSS
Exploits0References2
OSV
OSV
added 2026/03/23 10:9 a.m.3 views

CVE-2026-28809 XXE in esaml SAML library allows local file read and potential SSRF

XML External Entity XXE vulnerability in esaml and its forks allows an attacker to cause the system to read local files and incorporate their contents into processed SAML documents, and potentially perform SSRF via crafted SAML messages. esaml parses attacker-controlled SAML messages using...

6.3CVSS6AI score0.00281EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.13 views

Unity Linux 20.1060e / 20.1070e Security Update: erlang (UTSA-2026-006131)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006131 advisory. Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an...

10CVSS7.6AI score0.98594EPSS
Exploits36References4
CBLMariner
CBLMariner
added 2025/10/22 3:7 p.m.5 views

CVE-2025-48041 affecting package erlang for versions less than 25.3.2.21-4

CVE-2025-48041 affecting package erlang for versions less than 25.3.2.21-4. A patched version of the package is available...

7.1CVSS6.9AI score0.00359EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/09/12 11:23 p.m.3 views

SUSE CVE-2025-48041

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....

7.5CVSS5.4AI score0.00359EPSS
Exploits0References5
OSV
OSV
added 2025/05/23 2:0 p.m.5 views

OESA-2025-1552 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...

3.7CVSS6.8AI score0.0046EPSS
Exploits0References2
OSV
OSV
added 2025/05/09 12:43 p.m.5 views

OESA-2025-1492 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...

7.5CVSS6.8AI score0.00436EPSS
Exploits0References2
OSV
OSV
added 2023/12/22 11:6 a.m.5 views

OESA-2023-1941 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, a...

9.8CVSS7AI score0.01167EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2015/05/05 12:0 a.m.6 views

PT-2016-3603 · Erlang +1 · Erlang/Otp +1

Name of the Vulnerable Software and Affected Versions: Erlang/OTP versions prior to 18.0-rc1 Description: The issue makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of the POODLE attack. This occurs because Erlang/OTP does not properl...

9.8CVSS6AI score0.22098EPSS
Exploits1References30
Rows per page
Query Builder