
47 matches found

Cvelist
added yesterday, 19 views

CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...

CVSS 6.3
Exploits: 0 | References: 5
AstraLinux
added 2026/06/19 11:10 a.m., 6 views

Astra Linux – Vulnerability in Erlang

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19, a maliciously formed KEX init message could result in high memory usage. The implementation does not verify the RFC specified limits on the length of algorithm nam...

CVSS 7.5 | AI score 7.2 | EPSS 0.00436
Exploits: 0 | References: 2
Tenable Nessus
added 2026/06/11 12:0 a.m., 11 views

Linux Distros Unpatched Vulnerability : CVE-2026-48858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP...

CVSS 6.5 | AI score 6 | EPSS 0.00234
Exploits: 0 | References: 3
CNNVD
added 2026/06/10 12:0 a.m., 10 views

Erlang/OTP Security Vulnerability

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by the built-in APIs of node.js. Erlang/OTP has security vulnerabilities in versions prior to 11.7.2, as well as versions 11.6.0.2 and 11.2.12.9. The vulnerability stems from the...

CVSS 7.5 | AI score 5.3 | EPSS 0.00194
Exploits: 0 | References: 1
F5 Networks
added 2026/05/05 7:41 p.m., 13 views

K000161125: Erlang vulnerability CVE-2025-4748

Security Advisory Description Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines...

CVSS 4.8 | AI score 5.8 | EPSS 0.00226
Exploits: 0
Tenable Nessus
added 2026/04/16 12:0 a.m., 2 views

Fedora 43 : erlang (2026-53a7ddccc8)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-53a7ddccc8 advisory. Erlang ver. 26.2.5.19 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

CVSS 9.8 | AI score 5.4 | EPSS 0.0053
Exploits: 0 | References: 3
Tenable Nessus
added 2026/04/08 12:0 a.m., 1 views

Linux Distros Unpatched Vulnerability : CVE-2026-28810

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel inetres, inetdb modules allows DNS Cache Poisoning. The built-in DNS resolve...

CVSS 6.3 | AI score 5.8 | EPSS 0.00269
Exploits: 0 | References: 3
Vulnrichment
added 2026/04/07 12:28 p.m., 3 views

CVE-2026-32144 OCSP designated-responder authorization bypass via missing signature verification

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...

CVSS 7.6 | AI score 5.9 | EPSS 0.002
Exploits: 0 | References: 6
CNNVD
added 2026/02/20 12:0 a.m., 9 views

Erlang/OTP Security Vulnerability

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by the built-in APIs of node.js. Erlang/OTP has a security vulnerability, which stems from issues with relative path traversal and improper isolation in the tftpfile module. These...

CVSS 2.3 | AI score 5.8 | EPSS 0.00461
Exploits: 0 | References: 6
Tenable Nessus
added 2026/01/14 12:0 a.m., 4 views

Ubuntu 24.04 LTS : Erlang vulnerability (USN-7961-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7961-1 advisory. It was discovered that Erlang incorrectly validated peer certificates when incorrect extended key usage was presented. A remote attacker could possibly use this...

CVSS 5.5 | AI score 5.9 | EPSS 0.00251
Exploits: 0 | References: 2
Tenable Nessus
added 2025/10/28 12:0 a.m., 5 views

SUSE SLES15: erlang / erlang-debugger / erlang-debugger-src / erlang-dialyzer / etc (SUSE-SU-2025:3807-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3807-1 advisory. - CVE-2025-48041: fixed erlang exhaustion of file handles in SSH bsc1249473 Tenable has extracted the preceding description...

CVSS 7.1 | AI score 5.8 | EPSS 0.00359
Exploits: 0 | References: 4
OpenVAS
added 2025/10/23 12:0 a.m., 4 views

Ubuntu: Security Advisory (USN-7831-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.1 | AI score 6.8 | EPSS 0.00402
Exploits: 0 | References: 2
OSV
added 2025/10/21 2:8 p.m., 8 views

USN-7831-1 erlang vulnerabilities

It was discovered that Erlang incorrectly handled resource allocation and consumption in the SFTP SSH module. An attacker could possibly use this issue to cause Erlang to consume excessive resources, leading to a denial of service...

CVSS 7.1 | AI score 5.8 | EPSS 0.00402
Exploits: 0 | References: 5
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2021-15860

Malware in sbrugna...

CVSS 7 | AI score 6.9 | EPSS 0.00584
Exploits: 1 | References: 3
OpenVAS
added 2025/09/15 12:0 a.m., 4 views

Erlang/OTP (Erlang OTP) Directory Traversal Vulnerability (Sep 2020) - Linux

Erlang/OTP Erlang OTP is prone to a directory traversal vulnerability in the httpd module of the inets component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVSS 7.5 | AI score 6.9 | EPSS 0.03151
Exploits: 0 | References: 2
OSV
added 2025/09/11 9:15 a.m., 9 views

AZL-67124 CVE-2025-48041 affecting package erlang for versions less than 26.2.5.15-1

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5....

CVSS 7.1 | AI score 5.8 | EPSS 0.00359
Exploits: 0 | References: 1
OSV
added 2025/09/11 9:15 a.m., 6 views

AZL-67127 CVE-2025-48039 affecting package erlang for versions less than 26.2.5.15-1

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

CVSS 5.3 | AI score 5.7 | EPSS 0.00359
Exploits: 0 | References: 1
CNNVD
added 2025/09/11 12:0 a.m., 2 views

Erlang/OTP Security Vulnerability

Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles exceptions. The library catches exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP versions 17.0 through 28.0.3, 27.3.4.3, and 26.2.5.15, which stems from an...

CVSS 7.1 | AI score 6.3 | EPSS 0.00359
Exploits: 0 | References: 5
Tenable Nessus
added 2025/08/26 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-30211

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init...

CVSS 7.5 | AI score 7.1 | EPSS 0.00436
Exploits: 0 | References: 2
Tenable Nessus
added 2025/08/07 12:0 a.m., 3 views

CBL Mariner 2.0 Security Update: erlang (CVE-2025-4748)

The version of erlang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4748 advisory. - Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdl...

CVSS 4.8 | AI score 6.5 | EPSS 0.00226
Exploits: 0 | References: 2