Unrated severityNVD Advisory· Published Oct 2, 2020· Updated Aug 4, 2024
CVE-2020-25623
CVE-2020-25623
Description
Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Erlang/OTPdescription
- osv-coords2 versionspkg:rpm/opensuse/erlang27&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/erlang&distro=openSUSE%20Tumbleweed
< 27.1.3-1.1+ 1 more
- (no CPE)range: < 27.1.3-1.1
- (no CPE)range: < 24.0.5-2.1
Patches
Vulnerability mechanics
References
3- github.com/erlang/otp/releases/tag/OTP-23.1mitrex_refsource_CONFIRM
- www.erlang.org/downloadsmitrex_refsource_CONFIRM
- www.erlang.org/newsmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.