Erlang

Otp

14 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2026-23941

  • EPSS 0.02%
  • Veröffentlicht 13.03.2026 09:11:58
  • Zuletzt bearbeitet 16.03.2026 14:54:11

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allows HTTP Request Smuggling. This vulnerability is associated with program files lib/inets/src/http_server/httpd_request.erl a...

6.9

CVE-2026-23943

  • EPSS 0.04%
  • Veröffentlicht 13.03.2026 09:11:57
  • Zuletzt bearbeitet 16.03.2026 14:54:11

Improper Handling of Highly Compressed Data (Compression Bomb) vulnerability in Erlang OTP ssh (ssh_transport modules) allows Denial of Service via Resource Depletion. The SSH transport layer advertises legacy zlib compression by default and inflate...

5.3

CVE-2026-23942

  • EPSS 0.02%
  • Veröffentlicht 13.03.2026 09:11:56
  • Zuletzt bearbeitet 16.03.2026 14:54:11

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (ssh_sftpd module) allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl and program routines s...

2.3

CVE-2026-21620

  • EPSS 0.02%
  • Veröffentlicht 20.02.2026 11:15:56
  • Zuletzt bearbeitet 20.02.2026 13:49:47

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftp_file modules), erlang otp inets (tftp_file modules), erlang otp tftp (tftp_file modules) allows Relative Path Traversal. This vulnerabili...

7.1

CVE-2025-48041

  • EPSS 0.12%
  • Veröffentlicht 11.09.2025 08:14:20
  • Zuletzt bearbeitet 11.09.2025 17:14:10

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form...

6.9

CVE-2025-48040

  • EPSS 0.12%
  • Veröffentlicht 11.09.2025 08:14:19
  • Zuletzt bearbeitet 11.09.2025 17:14:10

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP...

5.3

CVE-2025-48039

  • EPSS 0.12%
  • Veröffentlicht 11.09.2025 08:13:36
  • Zuletzt bearbeitet 11.09.2025 17:14:10

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue af...

5.3

CVE-2025-48038

  • EPSS 0.12%
  • Veröffentlicht 11.09.2025 08:13:04
  • Zuletzt bearbeitet 11.09.2025 17:14:10

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue af...

4.8

CVE-2025-4748

  • EPSS 0.09%
  • Veröffentlicht 16.06.2025 11:15:18
  • Zuletzt bearbeitet 04.07.2025 10:15:23

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl ...

3.7

CVE-2025-46712

  • EPSS 0.34%
  • Veröffentlicht 08.05.2025 19:26:27
  • Zuletzt bearbeitet 12.01.2026 15:16:03

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by...