PT-2026-44041

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 19.3 through 26.2.5.20 Erlang OTP versions 26.2.5.21 through 27.3.4.11 Erlang OTP versions 27.3.4.12 through 28.5.0.0 Erlang OTP versions 28.5.0.1 through 29.0.0 public key versions 1.4 through 1.15.1.6 public key versions...

EUVD-2024-52172

Malicious code in bioql PyPI...

CVE-2024-53846

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...

CVE-2024-53846

CVE-2024-53846 affects Erlang/OTP’s ssl validation. Connected advisories show that a regression in the ssl app introduced improper peer verification when incorrect extended key usage is presented, affecting OTP releases: 25.3.2.8 and later up to 25.3.2.16, 26.2 up to 26.2.5.6, and 27.0 up to 27.1...

CVE-2020-35733

An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority...

Design/Logic Flaw

An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority...

CVE-2020-35733

CVE-2020-35733 affects Erlang/OTP prior to 23.2.2. The issue is in the ssl application where an invalid X.509 certificate chain can be accepted and trusted to a root CA, enabling certificate verification bypass in TLS connections. Multiple vendor advisories reference the same root cause and advis...

CVE-2020-35733

An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority...