
CVE-2025-30211 – KEX init error results in excessive memory usage
https://notcve.org/view.php?id=CVE-2025-30211
28 Mar 2025 — Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result in high memory usage. The implementation does not verify the RFC-specified limit on algorithm names (64 characters) provided in the KEX init message. A large KEX init packet may lead to inefficient processing of the error data; as a result, a large amount of memory is allocated while processing the malicious data. • https://github.com/erlang/otp/security/advisories/GHSA-vvr3-fjhh-cfwc • CWE-789: Memory Allocation with Excessive Size Value

CVE-2025-26618 – SSH SFTP packet size not verified properly in Erlang OTP
https://notcve.org/view.php?id=CVE-2025-26618
20 Feb 2025 — Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system and a number of ready-to-use components mainly written in Erlang. Packet size is not verified properly for SFTP packets. As a result, when multiple SSH packets (each conforming to the max SSH packet size) are received by ssh, they might be combined into an SFTP packet which will exceed the max allow... • https://github.com/erlang/otp/commit/0ed2573cbd55c92e9125c9dc70fa1ca7fed82872 • CWE-789: Memory Allocation with Excessive Size Value

CVE-2024-53846 – ssl fails to validate incorrect extended key usage
https://notcve.org/view.php?id=CVE-2024-53846
05 Dec 2024 — OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and OTP-27.0, resulting in a server or client verifying the peer when an incorrect extended key usage is presented (i.e., a server will verify a client that has only the server-auth extended key usage, and vice versa). • https://github.com/erlang/otp/security/advisories/GHSA-qw6r-qh9v-638v • CWE-295: Improper Certificate Validation

CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information • CWE-354: Improper Validation of Integrity Check Value

CVE-2022-37026 – erlang/otp: Client Authentication Bypass
https://notcve.org/view.php?id=CVE-2022-37026
21 Sep 2022 — In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS. A Client Authentication Bypass was found in Erlang/OTP. This issue occurs in certain client-cer... • https://erlangforums.com/c/erlang-news-announcements/91 • CWE-305: Authentication Bypass by Primary Weakness

CVE-2021-29221
https://notcve.org/view.php?id=CVE-2021-29221
09 Apr 2021 — A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of other users running Erlang programs or possibly coerce a service running with "erlsrv.exe" to execute arbitrary code as Local System. This can occur only under specific conditions on Windows with unsafe filesystem permissions. • https://deepsurface.com/deepsurface-security-advisory-local-privilege-escalation-in-erlang-on-windows-cve-2021-29221 • CWE-426: Untrusted Search Path

CVE-2020-35733
https://notcve.org/view.php?id=CVE-2020-35733
15 Jan 2021 — An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority. • https://erlang.org/pipermail/erlang-questions/2021-January/100357.html • CWE-295: Improper Certificate Validation

CVE-2020-25623
https://notcve.org/view.php?id=CVE-2020-25623
02 Oct 2020 — Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used. • https://github.com/erlang/otp/releases/tag/OTP-23.1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2020-13802 – Gentoo Linux Security Advisory 202405-30
https://notcve.org/view.php?id=CVE-2020-13802
01 Sep 2020 — Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via the URL parameter of a dependency specification. A vulnerability has been discovered in Rebar3, which can lead to command injection. Versions greater than or equal to 3.14.4 are affected. • https://packetstorm.news/files/id/159027 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2016-1000107
https://notcve.org/view.php?id=CVE-2016-1000107
10 Dec 2019 — inets in Erlang, possibly 22.1 and earlier, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. • http://www.openwall.com/lists/oss-security/2016/07/18/6 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect')