VYPR

Erlang\/SSL

by Erlang

Source repositories

CVEs (2)

  • CVE-2026-32144HigApr 7, 2026
    risk 0.41cvss 7.4epss 0.00

    Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in public_key:pkix_ocsp_validate/5 does not verify that a…

  • CVE-2026-48860MedJun 10, 2026
    risk 0.35cvss 6.5epss 0.00

    Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inet_tls_dist:check_ip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS,…