rpm package
suse/erlang&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
pkg:rpm/suse/erlang&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-48041 | Hig | — | | < 23.3.4.19-150300.3.26.1 | 23.3.4.19-150300.3.26.1 | Sep 11, 2025 | Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OT |
| CVE-2025-32433 | | — | KEV | < 23.3.4.19-150300.3.20.1 | 23.3.4.19-150300.3.20.1 | Apr 16, 2025 | Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, |
| CVE-2023-48795 | Med | 5.9 | | < 23.3.4.19-150300.3.14.1 | 23.3.4.19-150300.3.14.1 | Dec 18, 2023 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end |