VYPR

rpm package

opensuse/erlang&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/erlang&distro=openSUSE%20Tumbleweed

Vulnerabilities (6)

  • CVE-2025-26618HigFeb 20, 2025
    affected < 27.2.4-2.1fixed 27.2.4-2.1

    Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in

  • CVE-2023-48795MedDec 18, 2023
    affected < 26.2.1-1.1fixed 26.2.1-1.1

    The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end

  • CVE-2022-37026Sep 21, 2022
    affected < 25.1.1-1.1fixed 25.1.1-1.1

    In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

  • CVE-2020-35733Jan 15, 2021
    affected < 24.0.5-2.1fixed 24.0.5-2.1

    An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority.

  • CVE-2020-25623Oct 2, 2020
    affected < 24.0.5-2.1fixed 24.0.5-2.1

    Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used.

  • CVE-2016-1000107Dec 10, 2019
    affected < 28.1.1-1.1fixed 28.1.1-1.1

    inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP t