rpm package
suse/erlang&distro=SUSE Linux Enterprise Module for Server Applications 15 SP6
pkg:rpm/suse/erlang&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-48041 | Hig | — | < 23.3.4.19-150300.3.26.1 | 23.3.4.19-150300.3.26.1 | Sep 11, 2025 | Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OT | |
| CVE-2025-4748 | Med | — | < 23.3.4.19-150300.3.23.3 | 23.3.4.19-150300.3.23.3 | Jun 16, 2025 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip | |
| CVE-2025-32433 | — | KEV | < 23.3.4.19-150300.3.20.1 | 23.3.4.19-150300.3.20.1 | Apr 16, 2025 | Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, | |
| CVE-2025-26618 | Hig | — | < 23.3.4.19-150300.3.17.1 | 23.3.4.19-150300.3.17.1 | Feb 20, 2025 | Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in |
- affected < 23.3.4.19-150300.3.26.1fixed 23.3.4.19-150300.3.26.1
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OT
- affected < 23.3.4.19-150300.3.23.3fixed 23.3.4.19-150300.3.23.3
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip
- affected < 23.3.4.19-150300.3.20.1fixed 23.3.4.19-150300.3.20.1
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling,
- affected < 23.3.4.19-150300.3.17.1fixed 23.3.4.19-150300.3.17.1
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in