Erlang

Erlang/otp

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2026-23941

  • EPSS 0.02%
  • Veröffentlicht 13.03.2026 09:11:58
  • Zuletzt bearbeitet 16.03.2026 14:54:11

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allows HTTP Request Smuggling. This vulnerability is associated with program files lib/inets/src/http_server/httpd_request.erl a...

6.9

CVE-2026-23943

  • EPSS 0.04%
  • Veröffentlicht 13.03.2026 09:11:57
  • Zuletzt bearbeitet 16.03.2026 14:54:11

Improper Handling of Highly Compressed Data (Compression Bomb) vulnerability in Erlang OTP ssh (ssh_transport modules) allows Denial of Service via Resource Depletion. The SSH transport layer advertises legacy zlib compression by default and inflate...

5.3

CVE-2026-23942

  • EPSS 0.02%
  • Veröffentlicht 13.03.2026 09:11:56
  • Zuletzt bearbeitet 16.03.2026 14:54:11

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (ssh_sftpd module) allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl and program routines s...

2.3

CVE-2026-21620

  • EPSS 0.02%
  • Veröffentlicht 20.02.2026 11:15:56
  • Zuletzt bearbeitet 20.02.2026 13:49:47

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftp_file modules), erlang otp inets (tftp_file modules), erlang otp tftp (tftp_file modules) allows Relative Path Traversal. This vulnerabili...

7.1

CVE-2025-48041

  • EPSS 0.12%
  • Veröffentlicht 11.09.2025 08:14:20
  • Zuletzt bearbeitet 11.09.2025 17:14:10

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form...

6.9

CVE-2025-48040

  • EPSS 0.12%
  • Veröffentlicht 11.09.2025 08:14:19
  • Zuletzt bearbeitet 11.09.2025 17:14:10

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP...

5.3

CVE-2025-48039

  • EPSS 0.12%
  • Veröffentlicht 11.09.2025 08:13:36
  • Zuletzt bearbeitet 11.09.2025 17:14:10

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue af...

5.3

CVE-2025-48038

  • EPSS 0.12%
  • Veröffentlicht 11.09.2025 08:13:04
  • Zuletzt bearbeitet 11.09.2025 17:14:10

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue af...

4.8

CVE-2025-4748

  • EPSS 0.09%
  • Veröffentlicht 16.06.2025 11:15:18
  • Zuletzt bearbeitet 04.07.2025 10:15:23

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl ...

7

CVE-2021-29221

Exploit
  • EPSS 0.04%
  • Veröffentlicht 09.04.2021 14:15:12
  • Zuletzt bearbeitet 21.11.2024 06:00:51

A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of other users running Erlang programs or possibly coerce...