CVE-2026-23941
- EPSS 0.53%
- Veröffentlicht 13.03.2026 09:11:58
- Zuletzt bearbeitet 21.05.2026 15:22:43
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allows HTTP Request Smuggling. This vulnerability is associated with program files lib/inets/src/http_server/httpd_request.erl a...
CVE-2026-23943
- EPSS 0.64%
- Veröffentlicht 13.03.2026 09:11:57
- Zuletzt bearbeitet 21.05.2026 15:22:36
Improper Handling of Highly Compressed Data (Compression Bomb) vulnerability in Erlang OTP ssh (ssh_transport modules) allows Denial of Service via Resource Depletion. The SSH transport layer advertises legacy zlib compression by default and inflate...
CVE-2026-23942
- EPSS 0.36%
- Veröffentlicht 13.03.2026 09:11:56
- Zuletzt bearbeitet 21.05.2026 15:22:38
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (ssh_sftpd module) allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl and program routines s...
CVE-2026-21620
- EPSS 0.46%
- Veröffentlicht 20.02.2026 11:15:56
- Zuletzt bearbeitet 15.04.2026 00:35:42
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftp_file modules), erlang otp inets (tftp_file modules), erlang otp tftp (tftp_file modules) allows Relative Path Traversal. This vulnerabili...
CVE-2025-48041
- EPSS 0.36%
- Veröffentlicht 11.09.2025 08:14:20
- Zuletzt bearbeitet 05.06.2026 13:16:33
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from...
CVE-2025-48040
- EPSS 0.4%
- Veröffentlicht 11.09.2025 08:14:19
- Zuletzt bearbeitet 05.06.2026 13:16:33
Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP...
CVE-2025-48039
- EPSS 0.36%
- Veröffentlicht 11.09.2025 08:13:36
- Zuletzt bearbeitet 05.06.2026 13:16:33
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue af...
CVE-2025-48038
- EPSS 0.36%
- Veröffentlicht 11.09.2025 08:13:04
- Zuletzt bearbeitet 05.06.2026 13:16:33
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue af...
CVE-2025-4748
- EPSS 0.23%
- Veröffentlicht 16.06.2025 11:15:18
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl ...
- EPSS 0.58%
- Veröffentlicht 09.04.2021 14:15:12
- Zuletzt bearbeitet 21.11.2024 06:00:51
A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of other users running Erlang programs or possibly coerce...