18 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: erlang (UTSA-2026-006244)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006244 advisory. Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message c...
EUVD-2025-14809
Malicious code in bioql PyPI...
K000152843: Erlang/OTP vulnerabilities CVE-2025-26618, CVE-2025-30211, and CVE-2025-46712
Security Advisory Description CVE-2025-26618 Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use...
Security Bulletin: Erlang/OTP Vulnerability in KEX Init Handling May Lead to High Memory Usage
Summary Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters...
Astra Linux – Vulnerability in Erlang
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19, a maliciously formed KEX init message could result in high memory usage. The implementation does not verify the RFC specified limits on the length of algorithm nam...
OESA-2025-1490 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...
OESA-2025-1364 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...
OESA-2025-1363 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...
SUSE CVE-2025-30211
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in K...
CVE-2025-30211
A flaw was found in Erlang/OTP. This vulnerability allows an attacker to cause high memory consumption via a maliciously crafted KEX init message that exceeds RFC-specified limits on algorithm names...
CVE-2025-30211
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in K...
AZL-59350 CVE-2025-30211 affecting package erlang for versions less than 25.3.2.20-1
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in K...
CVE-2025-30211 KEX init error results with excessive memory usage
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in K...
CVE-2025-30211 KEX init error results with excessive memory usage
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in K...
CVE-2025-30211 KEX init error results with excessive memory usage
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in K...
CVE-2025-30211
CVE-2025-30211 affects Erlang/OTP: prior to OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a malicious KEX init message can trigger high memory usage because the implementation does not verify RFC limits on 64-character algorithm names in KEX init messages, leading to memory allocation for processing mali...
PT-2025-13543 · Ericsson +6 · Erlang/Otp +6
Name of the Vulnerable Software and Affected Versions: Erlang/OTP versions prior to 27.3.1 Erlang/OTP versions prior to 26.2.5.10 Erlang/OTP versions prior to 25.3.2.19 Description: A maliciously formed KEX init message can result in high memory usage due to the implementation not verifying RFC...
DEBIAN-CVE-2016-8858
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."...