VYPR

rpm package

suse/erlang&distro=SUSE Package Hub 12

pkg:rpm/suse/erlang&distro=SUSE%20Package%20Hub%2012

Vulnerabilities (2)

  • CVE-2017-1000385MedDec 12, 2017
    affected < 18.3.4.7-9.1fixed 18.3.4.7-9.1

    The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key (this is a variation of the Bleichenbacher attack).

  • CVE-2016-10253CriMar 18, 2017
    affected < 18.3.4.7-9.1fixed 18.3.4.7-9.1

    An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regio