rpm package
opensuse/erlang&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/erlang&distro=openSUSE%20Leap%2015.6
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-48041 | Hig | — | < 23.3.4.19-150300.3.26.1 | 23.3.4.19-150300.3.26.1 | Sep 11, 2025 | Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OT | |
| CVE-2025-48040 | Med | — | < 23.3.4.19-150300.3.29.1 | 23.3.4.19-150300.3.29.1 | Sep 11, 2025 | Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2 | |
| CVE-2025-48039 | Med | — | < 23.3.4.19-150300.3.29.1 | 23.3.4.19-150300.3.29.1 | Sep 11, 2025 | Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until | |
| CVE-2025-48038 | Med | — | < 23.3.4.19-150300.3.29.1 | 23.3.4.19-150300.3.29.1 | Sep 11, 2025 | Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until | |
| CVE-2025-4748 | Med | — | < 23.3.4.19-150300.3.23.3 | 23.3.4.19-150300.3.23.3 | Jun 16, 2025 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip | |
| CVE-2025-32433 | — | KEV | < 23.3.4.19-150300.3.20.1 | 23.3.4.19-150300.3.20.1 | Apr 16, 2025 | Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, | |
| CVE-2025-26618 | Hig | — | < 23.3.4.19-150300.3.17.1 | 23.3.4.19-150300.3.17.1 | Feb 20, 2025 | Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in |
- affected < 23.3.4.19-150300.3.26.1fixed 23.3.4.19-150300.3.26.1
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OT
- affected < 23.3.4.19-150300.3.29.1fixed 23.3.4.19-150300.3.29.1
Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2
- affected < 23.3.4.19-150300.3.29.1fixed 23.3.4.19-150300.3.29.1
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until
- affected < 23.3.4.19-150300.3.29.1fixed 23.3.4.19-150300.3.29.1
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until
- affected < 23.3.4.19-150300.3.23.3fixed 23.3.4.19-150300.3.23.3
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip
- affected < 23.3.4.19-150300.3.20.1fixed 23.3.4.19-150300.3.20.1
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling,
- affected < 23.3.4.19-150300.3.17.1fixed 23.3.4.19-150300.3.17.1
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in