Erlang

Otp

10 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2025-48041

  • EPSS 0.05%
  • Published 11.09.2025 08:14:20
  • Last modified 11.09.2025 17:14:10

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form...

6.9

CVE-2025-48040

  • EPSS 0.06%
  • Published 11.09.2025 08:14:19
  • Last modified 11.09.2025 17:14:10

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP...

5.3

CVE-2025-48039

  • EPSS 0.05%
  • Published 11.09.2025 08:13:36
  • Last modified 11.09.2025 17:14:10

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue af...

5.3

CVE-2025-48038

  • EPSS 0.05%
  • Published 11.09.2025 08:13:04
  • Last modified 11.09.2025 17:14:10

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue af...

4.8

CVE-2025-4748

  • EPSS 0.04%
  • Published 16.06.2025 11:15:18
  • Last modified 04.07.2025 10:15:23

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl ...

3.7

CVE-2025-46712

  • EPSS 0.03%
  • Published 08.05.2025 19:26:27
  • Last modified 12.05.2025 17:32:52

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by...

10

CVE-2025-32433

Warning Media report Exploit
  • EPSS 68.02%
  • Published 16.04.2025 21:34:37
  • Last modified 30.07.2025 19:24:19

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in S...

7.5

CVE-2025-30211

  • EPSS 0.07%
  • Published 28.03.2025 14:55:47
  • Last modified 28.03.2025 18:11:40

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits...

7

CVE-2025-26618

  • EPSS 0.13%
  • Published 20.02.2025 19:15:11
  • Last modified 20.02.2025 21:15:26

Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use...

5.5

CVE-2024-53846

  • EPSS 0.12%
  • Published 05.12.2024 17:15:14
  • Last modified 05.12.2024 17:15:14

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of O...