27 matches found
Astra Linux - vulnerability in erlang
Erlang is a programming language and runtime system designed for building massively scalable, soft-real-time systems with high availability requirements. OTP is a set of Erlang libraries, which includes the Erlang runtime system and several ready-to-use components written in Erlang. The packet si...
CLSA-2026-1778788223 libssh2: Fix of 2 CVEs
CVE-2019-3860: bounds-check SFTP packet sizes in sftp_packet_require/v and sftp_bin2attr - CVE-2019-3861: bounds-check padding_length in _libssh2_transport_read...
CLSA-2026-1777445542 libssh2: Fix of 2 CVEs
CVE-2019-3858: fix zero-byte allocation in sftp_packet_read - CVE-2019-3859: fix out-of-bounds reads in _libssh2_packet_require...
CLSA-2026-1777036898 libssh2: Fix of 2 CVEs
CVE-2019-3858: fix zero-byte allocation in sftp_packet_read - CVE-2019-3859: fix out-of-bounds reads in _libssh2_packet_require...
EUVD-2025-5086
Malicious code in bioql PyPI...
openSUSE Security Advisory (SUSE-SU-2025:1051-1)
The remote host is missing an update for the...
SUSE-SU-2025:1051-1 Security update for erlang26
This update for erlang26 fixes the following issues: - CVE-2025-26618: Fixed incorrect verification of SSH SFTP packet size in Erlang OTP (bsc#1237467)...
Linux Distros Unpatched Vulnerability : CVE-2025-26618
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set ...
Linux Distros Unpatched Vulnerability : CVE-2019-3858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who...
USN-7313-1: Erlang vulnerability
It was discovered that Erlang incorrectly handled SFTP packet sizes. A remote attacker could possibly use this issue to cause Erlang to consume resources, resulting in a denial of service...
SUSE CVE-2025-26618
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...
CVE-2025-26618
A flaw was found in the Erlang OTP library. When multiple SSH packets are received, they may be combined into a single SFTP packet that exceeds the maximum allowed size. This flaw allows an authenticated remote attacker to trigger excessive memory allocation and cause a denial of service...
CVE-2025-26618
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...
CVE-2025-26618 SSH SFTP packet size not verified properly in Erlang OTP
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...
CVE-2025-26618 SSH SFTP packet size not verified properly in Erlang OTP
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...
CVE-2025-26618
CVE-2025-26618 is an Erlang/OTP vulnerability where SSH/SFTP packet handling can lead to excessive memory allocation. The issue occurs after the SSH handshake for authenticated users and is fixed in OTP versions 27.2.4, 26.2.5.9, and 25.3.2.18. Connected advisories reiterate the memory impact and patch ...
CVE-2025-26618
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...
PT-2025-7604 · Ericsson +6 · Erlang/Otp +6
Name of the Vulnerable Software and Affected Versions: Erlang OTP versions prior to 25.3.2.18; Erlang OTP versions prior to 26.2.5.9; Erlang OTP versions prior to 27.2.4. Description: The issue arises from improper verification of packet size for SFTP packets. When multiple SSH packets are received,...
Moderate: Red Hat Security Advisory: curl security and bug fix update
An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
ALSA-2024:1601 Moderate: curl security and bug fix update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: information disclosure by exploiting a mixed case flaw (CVE-2023-46218); curl: more POST-after-PUT confusion...