Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
Typedeb
Namespacedebian
Nameerlang
Version1:25.2.3+dfsg-1+deb12u3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1:27.3.4.10+dfsg-1
Latest_non_vulnerable_version1:27.3.4.10+dfsg-1
Affected_by_vulnerabilities
0
url VCID-1283-nvxm-r7cw
vulnerability_id VCID-1283-nvxm-r7cw
summary erlang: Erlang Excessive Use of System Resources
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48038.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48038.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48038
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31553
published_at 2026-04-04T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31511
published_at 2026-04-02T12:55:00Z
2
value 0.00156
scoring_system epss
scoring_elements 0.36463
published_at 2026-04-16T12:55:00Z
3
value 0.00156
scoring_system epss
scoring_elements 0.364
published_at 2026-04-07T12:55:00Z
4
value 0.00156
scoring_system epss
scoring_elements 0.36451
published_at 2026-04-08T12:55:00Z
5
value 0.00156
scoring_system epss
scoring_elements 0.36471
published_at 2026-04-09T12:55:00Z
6
value 0.00156
scoring_system epss
scoring_elements 0.36479
published_at 2026-04-11T12:55:00Z
7
value 0.00156
scoring_system epss
scoring_elements 0.36443
published_at 2026-04-12T12:55:00Z
8
value 0.00156
scoring_system epss
scoring_elements 0.36422
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48038
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48038
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48038
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/erlang/otp/pull/10156
reference_id 10156
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://github.com/erlang/otp/pull/10156
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115093
reference_id 1115093
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115093
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394522
reference_id 2394522
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394522
7
reference_url https://github.com/erlang/otp/commit/4e3bf86777ab3db7220c11d8ddabf15970ddd10a
reference_id 4e3bf86777ab3db7220c11d8ddabf15970ddd10a
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://github.com/erlang/otp/commit/4e3bf86777ab3db7220c11d8ddabf15970ddd10a
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
9
reference_url https://cna.erlef.org/cves/CVE-2025-48038.html
reference_id CVE-2025-48038.html
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://cna.erlef.org/cves/CVE-2025-48038.html
10
reference_url https://osv.dev/vulnerability/EEF-CVE-2025-48038
reference_id EEF-CVE-2025-48038
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://osv.dev/vulnerability/EEF-CVE-2025-48038
11
reference_url https://github.com/erlang/otp/commit/f09e0201ff701993dc24a08f15e524daf72db42f
reference_id f09e0201ff701993dc24a08f15e524daf72db42f
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://github.com/erlang/otp/commit/f09e0201ff701993dc24a08f15e524daf72db42f
12
reference_url https://github.com/erlang/otp/security/advisories/GHSA-pvj7-9652-7h9r
reference_id GHSA-pvj7-9652-7h9r
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://github.com/erlang/otp/security/advisories/GHSA-pvj7-9652-7h9r
13
reference_url https://usn.ubuntu.com/7831-1/
reference_id USN-7831-1
reference_type
scores
url https://usn.ubuntu.com/7831-1/
14
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-h1k4-x8vr-5bch
2
vulnerability VCID-j7t3-nrjj-pfgp
3
vulnerability VCID-s9qn-9qdm-j7ej
4
vulnerability VCID-w9yj-xg82-kyac
5
vulnerability VCID-wwcj-hwqc-f3g7
6
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1
aliases CVE-2025-48038
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1283-nvxm-r7cw
1
url VCID-28fj-t5hy-x3gn
vulnerability_id VCID-28fj-t5hy-x3gn
summary erlang: Erlang Excessive Resource Consumption
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48040.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48040.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48040
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.31723
published_at 2026-04-04T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31679
published_at 2026-04-02T12:55:00Z
2
value 0.00158
scoring_system epss
scoring_elements 0.36629
published_at 2026-04-16T12:55:00Z
3
value 0.00158
scoring_system epss
scoring_elements 0.36564
published_at 2026-04-07T12:55:00Z
4
value 0.00158
scoring_system epss
scoring_elements 0.36615
published_at 2026-04-08T12:55:00Z
5
value 0.00158
scoring_system epss
scoring_elements 0.36634
published_at 2026-04-09T12:55:00Z
6
value 0.00158
scoring_system epss
scoring_elements 0.36641
published_at 2026-04-11T12:55:00Z
7
value 0.00158
scoring_system epss
scoring_elements 0.36607
published_at 2026-04-12T12:55:00Z
8
value 0.00158
scoring_system epss
scoring_elements 0.36583
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48040
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48040
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/erlang/otp/pull/10162
reference_id 10162
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/
url https://github.com/erlang/otp/pull/10162
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115091
reference_id 1115091
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115091
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394521
reference_id 2394521
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394521
7
reference_url https://github.com/erlang/otp/commit/548f1295d86d0803da884db8685cc16d461d0d5a
reference_id 548f1295d86d0803da884db8685cc16d461d0d5a
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/
url https://github.com/erlang/otp/commit/548f1295d86d0803da884db8685cc16d461d0d5a
8
reference_url https://github.com/erlang/otp/commit/7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a
reference_id 7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/
url https://github.com/erlang/otp/commit/7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
10
reference_url https://cna.erlef.org/cves/CVE-2025-48040.html
reference_id CVE-2025-48040.html
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/
url https://cna.erlef.org/cves/CVE-2025-48040.html
11
reference_url https://osv.dev/vulnerability/EEF-CVE-2025-48040
reference_id EEF-CVE-2025-48040
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/
url https://osv.dev/vulnerability/EEF-CVE-2025-48040
12
reference_url https://github.com/erlang/otp/security/advisories/GHSA-h7rg-6rjg-4cph
reference_id GHSA-h7rg-6rjg-4cph
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/
url https://github.com/erlang/otp/security/advisories/GHSA-h7rg-6rjg-4cph
13
reference_url https://usn.ubuntu.com/7831-1/
reference_id USN-7831-1
reference_type
scores
url https://usn.ubuntu.com/7831-1/
14
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:33Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-h1k4-x8vr-5bch
2
vulnerability VCID-j7t3-nrjj-pfgp
3
vulnerability VCID-s9qn-9qdm-j7ej
4
vulnerability VCID-w9yj-xg82-kyac
5
vulnerability VCID-wwcj-hwqc-f3g7
6
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1
aliases CVE-2025-48040
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-28fj-t5hy-x3gn
2
url VCID-c3vm-u9jn-83cs
vulnerability_id VCID-c3vm-u9jn-83cs
summary erlang: Erlang Excessive Use of System Resources
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48039.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48039.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48039
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31553
published_at 2026-04-04T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31511
published_at 2026-04-02T12:55:00Z
2
value 0.00156
scoring_system epss
scoring_elements 0.36463
published_at 2026-04-16T12:55:00Z
3
value 0.00156
scoring_system epss
scoring_elements 0.364
published_at 2026-04-07T12:55:00Z
4
value 0.00156
scoring_system epss
scoring_elements 0.36451
published_at 2026-04-08T12:55:00Z
5
value 0.00156
scoring_system epss
scoring_elements 0.36471
published_at 2026-04-09T12:55:00Z
6
value 0.00156
scoring_system epss
scoring_elements 0.36479
published_at 2026-04-11T12:55:00Z
7
value 0.00156
scoring_system epss
scoring_elements 0.36443
published_at 2026-04-12T12:55:00Z
8
value 0.00156
scoring_system epss
scoring_elements 0.36422
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48039
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48039
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/erlang/otp/commit/043ee3c943e2977c1acdd740ad13992fd60b6bf0
reference_id 043ee3c943e2977c1acdd740ad13992fd60b6bf0
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://github.com/erlang/otp/commit/043ee3c943e2977c1acdd740ad13992fd60b6bf0
5
reference_url https://github.com/erlang/otp/pull/10155
reference_id 10155
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://github.com/erlang/otp/pull/10155
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115092
reference_id 1115092
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115092
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394523
reference_id 2394523
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394523
8
reference_url https://github.com/erlang/otp/commit/c242e6458967e9514bea351814151695807a54ac
reference_id c242e6458967e9514bea351814151695807a54ac
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://github.com/erlang/otp/commit/c242e6458967e9514bea351814151695807a54ac
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
10
reference_url https://cna.erlef.org/cves/CVE-2025-48039.html
reference_id CVE-2025-48039.html
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://cna.erlef.org/cves/CVE-2025-48039.html
11
reference_url https://osv.dev/vulnerability/EEF-CVE-2025-48039
reference_id EEF-CVE-2025-48039
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://osv.dev/vulnerability/EEF-CVE-2025-48039
12
reference_url https://github.com/erlang/otp/security/advisories/GHSA-rr5p-6856-j7h8
reference_id GHSA-rr5p-6856-j7h8
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://github.com/erlang/otp/security/advisories/GHSA-rr5p-6856-j7h8
13
reference_url https://usn.ubuntu.com/7831-1/
reference_id USN-7831-1
reference_type
scores
url https://usn.ubuntu.com/7831-1/
14
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-h1k4-x8vr-5bch
2
vulnerability VCID-j7t3-nrjj-pfgp
3
vulnerability VCID-s9qn-9qdm-j7ej
4
vulnerability VCID-w9yj-xg82-kyac
5
vulnerability VCID-wwcj-hwqc-f3g7
6
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1
aliases CVE-2025-48039
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c3vm-u9jn-83cs
3
url VCID-gcn7-ak4r-eba3
vulnerability_id VCID-gcn7-ak4r-eba3
summary 
Incorrect Authorization vulnerability in Erlang OTP (inets modules) allows unauthenticated access to CGI scripts protected by directory rules when served via script_alias.

When script_alias maps a URL prefix to a directory outside DocumentRoot, mod_auth evaluates directory-based access controls against the DocumentRoot-relative path while mod_cgi executes the script at the ScriptAlias-resolved path. This path mismatch allows unauthenticated access to CGI scripts that directory rules were meant to protect.

This vulnerability is associated with program files lib/inets/src/http_server/mod_alias.erl, lib/inets/src/http_server/mod_auth.erl, and lib/inets/src/http_server/mod_cgi.erl.

This issue affects OTP from OTP 17.0 until OTP 28.4.2, 27.3.4.10 and 26.2.5.19 corresponding to inets from 5.10 until 9.6.2, 9.3.2.4 and 9.1.0.6.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28808.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28808.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28808
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.15168
published_at 2026-04-08T12:55:00Z
1
value 0.00049
scoring_system epss
scoring_elements 0.15151
published_at 2026-04-12T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.15189
published_at 2026-04-11T12:55:00Z
3
value 0.00049
scoring_system epss
scoring_elements 0.1522
published_at 2026-04-09T12:55:00Z
4
value 0.00064
scoring_system epss
scoring_elements 0.19983
published_at 2026-04-16T12:55:00Z
5
value 0.00064
scoring_system epss
scoring_elements 0.20002
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28808
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28808
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28808
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455909
reference_id 2455909
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455909
5
reference_url https://github.com/erlang/otp/commit/8fc71ac6af4fbcc54103bec2983ef22e82942688
reference_id 8fc71ac6af4fbcc54103bec2983ef22e82942688
reference_type
scores
0
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/
url https://github.com/erlang/otp/commit/8fc71ac6af4fbcc54103bec2983ef22e82942688
6
reference_url https://github.com/erlang/otp/commit/9dfa0c51eac97866078e808dec2183cb7871ff7c
reference_id 9dfa0c51eac97866078e808dec2183cb7871ff7c
reference_type
scores
0
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/
url https://github.com/erlang/otp/commit/9dfa0c51eac97866078e808dec2183cb7871ff7c
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
8
reference_url https://cna.erlef.org/cves/CVE-2026-28808.html
reference_id CVE-2026-28808.html
reference_type
scores
0
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/
url https://cna.erlef.org/cves/CVE-2026-28808.html
9
reference_url https://osv.dev/vulnerability/EEF-CVE-2026-28808
reference_id EEF-CVE-2026-28808
reference_type
scores
0
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/
url https://osv.dev/vulnerability/EEF-CVE-2026-28808
10
reference_url https://github.com/erlang/otp/security/advisories/GHSA-3vhp-h532-mc3f
reference_id GHSA-3vhp-h532-mc3f
reference_type
scores
0
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/
url https://github.com/erlang/otp/security/advisories/GHSA-3vhp-h532-mc3f
11
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:14:10Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
purl pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1
aliases CVE-2026-28808
risk_score 3.8
exploitability 0.5
weighted_severity 7.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gcn7-ak4r-eba3
4
url VCID-h1k4-x8vr-5bch
vulnerability_id VCID-h1k4-x8vr-5bch
summary Improper Handling of Highly Compressed Data (Compression Bomb) vulnerability in Erlang OTP ssh (ssh_transport modules) allows Denial of Service via Resource Depletion. The SSH transport layer advertises legacy zlib compression by default and inflates attacker-controlled payloads pre-authentication without any size limit, enabling reliable memory exhaustion DoS. Two compression algorithms are affected: * zlib: Activates immediately after key exchange, enabling unauthenticated attacks * zlib@openssh.com: Activates post-authentication, enabling authenticated attacks Each SSH packet can decompress ~255 MB from 256 KB of wire data (1029:1 amplification ratio). Multiple packets can rapidly exhaust available memory, causing OOM kills in memory-constrained environments. This vulnerability is associated with program files lib/ssh/src/ssh_transport.erl and program routines ssh_transport:decompress/2, ssh_transport:handle_packet_part/4. This issue affects OTP from OTP 17.0 until OTP 28.4.1, 27.3.4.9 and 26.2.5.18 corresponding to ssh from 3.0.1 until 5.5.1, 5.2.11.6 and 5.1.4.14.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23943
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.16609
published_at 2026-04-04T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.16546
published_at 2026-04-02T12:55:00Z
2
value 0.00121
scoring_system epss
scoring_elements 0.31129
published_at 2026-04-13T12:55:00Z
3
value 0.00121
scoring_system epss
scoring_elements 0.31173
published_at 2026-04-12T12:55:00Z
4
value 0.00121
scoring_system epss
scoring_elements 0.31217
published_at 2026-04-11T12:55:00Z
5
value 0.00121
scoring_system epss
scoring_elements 0.31212
published_at 2026-04-09T12:55:00Z
6
value 0.00121
scoring_system epss
scoring_elements 0.31181
published_at 2026-04-08T12:55:00Z
7
value 0.00121
scoring_system epss
scoring_elements 0.31128
published_at 2026-04-07T12:55:00Z
8
value 0.00132
scoring_system epss
scoring_elements 0.3277
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23943
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23943
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23943
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/erlang/otp/commit/0c1c04b191f6ab940e8fcfabce39eb5a8a6440a4
reference_id 0c1c04b191f6ab940e8fcfabce39eb5a8a6440a4
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/
url https://github.com/erlang/otp/commit/0c1c04b191f6ab940e8fcfabce39eb5a8a6440a4
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912
reference_id 1130912
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912
5
reference_url https://github.com/erlang/otp/commit/43a87b949bdff12d629a8c34146711d9da93b1b1
reference_id 43a87b949bdff12d629a8c34146711d9da93b1b1
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/
url https://github.com/erlang/otp/commit/43a87b949bdff12d629a8c34146711d9da93b1b1
6
reference_url https://github.com/erlang/otp/commit/93073c3bd338c60cd2bae715ce6a1d4ffc1a8fd3
reference_id 93073c3bd338c60cd2bae715ce6a1d4ffc1a8fd3
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/
url https://github.com/erlang/otp/commit/93073c3bd338c60cd2bae715ce6a1d4ffc1a8fd3
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
8
reference_url https://cna.erlef.org/cves/CVE-2026-23943.html
reference_id CVE-2026-23943.html
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/
url https://cna.erlef.org/cves/CVE-2026-23943.html
9
reference_url https://osv.dev/vulnerability/EEF-CVE-2026-23943
reference_id EEF-CVE-2026-23943
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/
url https://osv.dev/vulnerability/EEF-CVE-2026-23943
10
reference_url https://github.com/erlang/otp/security/advisories/GHSA-c836-qprm-jw9r
reference_id GHSA-c836-qprm-jw9r
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/
url https://github.com/erlang/otp/security/advisories/GHSA-c836-qprm-jw9r
11
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:01:40Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1
purl pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-j7t3-nrjj-pfgp
2
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.9%252Bdfsg-1
1
url pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
purl pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1
aliases CVE-2026-23943
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h1k4-x8vr-5bch
5
url VCID-j7t3-nrjj-pfgp
vulnerability_id VCID-j7t3-nrjj-pfgp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28810.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28810.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-28810
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15583
published_at 2026-04-07T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15668
published_at 2026-04-08T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.1566
published_at 2026-04-12T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15695
published_at 2026-04-11T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15727
published_at 2026-04-09T12:55:00Z
5
value 0.00066
scoring_system epss
scoring_elements 0.20501
published_at 2026-04-16T12:55:00Z
6
value 0.00066
scoring_system epss
scoring_elements 0.2051
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-28810
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28810
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455868
reference_id 2455868
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455868
5
reference_url https://github.com/erlang/otp/commit/36f23c9d2cc54afe83671dd7343596d7972839a5
reference_id 36f23c9d2cc54afe83671dd7343596d7972839a5
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/
url https://github.com/erlang/otp/commit/36f23c9d2cc54afe83671dd7343596d7972839a5
6
reference_url https://github.com/erlang/otp/commit/b057a9d995017b1be50d6dc02edd52382f3231b8
reference_id b057a9d995017b1be50d6dc02edd52382f3231b8
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/
url https://github.com/erlang/otp/commit/b057a9d995017b1be50d6dc02edd52382f3231b8
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
8
reference_url https://cna.erlef.org/cves/CVE-2026-28810.html
reference_id CVE-2026-28810.html
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/
url https://cna.erlef.org/cves/CVE-2026-28810.html
9
reference_url https://github.com/erlang/otp/commit/dd15e8eb03548c5e55e9915f0e91389ec6bad9fd
reference_id dd15e8eb03548c5e55e9915f0e91389ec6bad9fd
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/
url https://github.com/erlang/otp/commit/dd15e8eb03548c5e55e9915f0e91389ec6bad9fd
10
reference_url https://osv.dev/vulnerability/EEF-CVE-2026-28810
reference_id EEF-CVE-2026-28810
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/
url https://osv.dev/vulnerability/EEF-CVE-2026-28810
11
reference_url https://github.com/erlang/otp/security/advisories/GHSA-v884-5jg5-whj8
reference_id GHSA-v884-5jg5-whj8
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/
url https://github.com/erlang/otp/security/advisories/GHSA-v884-5jg5-whj8
12
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:27:52Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
purl pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1
aliases CVE-2026-28810
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j7t3-nrjj-pfgp
6
url VCID-jxzt-8wru-6yhk
vulnerability_id VCID-jxzt-8wru-6yhk
summary erlang: Erlang Exhaustion of File Handles
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48041.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48041.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48041
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31553
published_at 2026-04-04T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31511
published_at 2026-04-02T12:55:00Z
2
value 0.00156
scoring_system epss
scoring_elements 0.36463
published_at 2026-04-16T12:55:00Z
3
value 0.00156
scoring_system epss
scoring_elements 0.364
published_at 2026-04-07T12:55:00Z
4
value 0.00156
scoring_system epss
scoring_elements 0.36451
published_at 2026-04-08T12:55:00Z
5
value 0.00156
scoring_system epss
scoring_elements 0.36471
published_at 2026-04-09T12:55:00Z
6
value 0.00156
scoring_system epss
scoring_elements 0.36479
published_at 2026-04-11T12:55:00Z
7
value 0.00156
scoring_system epss
scoring_elements 0.36443
published_at 2026-04-12T12:55:00Z
8
value 0.00156
scoring_system epss
scoring_elements 0.36422
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48041
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48041
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/erlang/otp/pull/10157
reference_id 10157
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://github.com/erlang/otp/pull/10157
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115090
reference_id 1115090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115090
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394520
reference_id 2394520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394520
7
reference_url https://github.com/erlang/otp/commit/5f9af63eec4657a37663828d206517828cb9f288
reference_id 5f9af63eec4657a37663828d206517828cb9f288
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://github.com/erlang/otp/commit/5f9af63eec4657a37663828d206517828cb9f288
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
9
reference_url https://cna.erlef.org/cves/CVE-2025-48041.html
reference_id CVE-2025-48041.html
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://cna.erlef.org/cves/CVE-2025-48041.html
10
reference_url https://github.com/erlang/otp/commit/d49efa2d4fa9e6f7ee658719cd76ffe7a33c2401
reference_id d49efa2d4fa9e6f7ee658719cd76ffe7a33c2401
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://github.com/erlang/otp/commit/d49efa2d4fa9e6f7ee658719cd76ffe7a33c2401
11
reference_url https://osv.dev/vulnerability/EEF-CVE-2025-48041
reference_id EEF-CVE-2025-48041
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://osv.dev/vulnerability/EEF-CVE-2025-48041
12
reference_url https://github.com/erlang/otp/security/advisories/GHSA-79c4-cvv7-4qm3
reference_id GHSA-79c4-cvv7-4qm3
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://github.com/erlang/otp/security/advisories/GHSA-79c4-cvv7-4qm3
13
reference_url https://usn.ubuntu.com/7831-1/
reference_id USN-7831-1
reference_type
scores
url https://usn.ubuntu.com/7831-1/
14
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-h1k4-x8vr-5bch
2
vulnerability VCID-j7t3-nrjj-pfgp
3
vulnerability VCID-s9qn-9qdm-j7ej
4
vulnerability VCID-w9yj-xg82-kyac
5
vulnerability VCID-wwcj-hwqc-f3g7
6
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1
aliases CVE-2025-48041
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxzt-8wru-6yhk
7
url VCID-s9qn-9qdm-j7ej
vulnerability_id VCID-s9qn-9qdm-j7ej
summary Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allows HTTP Request Smuggling. This vulnerability is associated with program files lib/inets/src/http_server/httpd_request.erl and program routines httpd_request:parse_headers/7. The server does not reject or normalize duplicate Content-Length headers. The earliest Content-Length in the request is used for body parsing while common reverse proxies (nginx, Apache httpd, Envoy) honor the last Content-Length value. This violates RFC 9112 Section 6.3 and allows front-end/back-end desynchronization, leaving attacker-controlled bytes queued as the start of the next request. This issue affects OTP from OTP 17.0 until OTP 28.4.1, OTP 27.3.4.9 and OTP 26.2.5.18, corresponding to inets from 5.10 until 9.6.1, 9.3.2.3 and 9.1.0.5.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23941
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05607
published_at 2026-04-04T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05569
published_at 2026-04-02T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06244
published_at 2026-04-13T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06254
published_at 2026-04-12T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-11T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06269
published_at 2026-04-09T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06231
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-07T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06944
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23941
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23941
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912
reference_id 1130912
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912
4
reference_url https://github.com/erlang/otp/commit/a4b46336fd25aa100ac602eb9a627aaead7eda18
reference_id a4b46336fd25aa100ac602eb9a627aaead7eda18
reference_type
scores
0
value 7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/
url https://github.com/erlang/otp/commit/a4b46336fd25aa100ac602eb9a627aaead7eda18
5
reference_url https://github.com/erlang/otp/commit/a761d391d8d08316cbd7d4a86733ba932b73c45b
reference_id a761d391d8d08316cbd7d4a86733ba932b73c45b
reference_type
scores
0
value 7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/
url https://github.com/erlang/otp/commit/a761d391d8d08316cbd7d4a86733ba932b73c45b
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
7
reference_url https://cna.erlef.org/cves/CVE-2026-23941.html
reference_id CVE-2026-23941.html
reference_type
scores
0
value 7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/
url https://cna.erlef.org/cves/CVE-2026-23941.html
8
reference_url https://github.com/erlang/otp/commit/e775a332f623851385ab6ddb866d9b150612ddf6
reference_id e775a332f623851385ab6ddb866d9b150612ddf6
reference_type
scores
0
value 7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/
url https://github.com/erlang/otp/commit/e775a332f623851385ab6ddb866d9b150612ddf6
9
reference_url https://osv.dev/vulnerability/EEF-CVE-2026-23941
reference_id EEF-CVE-2026-23941
reference_type
scores
0
value 7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/
url https://osv.dev/vulnerability/EEF-CVE-2026-23941
10
reference_url https://github.com/erlang/otp/security/advisories/GHSA-w4jc-9wpv-pqh7
reference_id GHSA-w4jc-9wpv-pqh7
reference_type
scores
0
value 7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/
url https://github.com/erlang/otp/security/advisories/GHSA-w4jc-9wpv-pqh7
11
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:00:50Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1
purl pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-j7t3-nrjj-pfgp
2
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.9%252Bdfsg-1
1
url pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
purl pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1
aliases CVE-2026-23941
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s9qn-9qdm-j7ej
8
url VCID-w9yj-xg82-kyac
vulnerability_id VCID-w9yj-xg82-kyac
summary erlang: Erlang OTP tftp_file modules: Information disclosure via relative path traversal
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21620.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21620.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-21620
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07616
published_at 2026-04-16T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07646
published_at 2026-04-07T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07705
published_at 2026-04-08T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07724
published_at 2026-04-09T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07721
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07706
published_at 2026-04-12T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07691
published_at 2026-04-13T12:55:00Z
7
value 0.00028
scoring_system epss
scoring_elements 0.07919
published_at 2026-04-04T12:55:00Z
8
value 0.00028
scoring_system epss
scoring_elements 0.0787
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-21620
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21620
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21620
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/erlang/otp/pull/10706
reference_id 10706
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/
url https://github.com/erlang/otp/pull/10706
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128651
reference_id 1128651
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128651
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2441326
reference_id 2441326
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2441326
7
reference_url https://github.com/erlang/otp/commit/3970738f687325138eb75f798054fa8960ac354e
reference_id 3970738f687325138eb75f798054fa8960ac354e
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/
url https://github.com/erlang/otp/commit/3970738f687325138eb75f798054fa8960ac354e
8
reference_url https://github.com/erlang/otp/commit/655fb95725ba2fb811740b57e106873833824344
reference_id 655fb95725ba2fb811740b57e106873833824344
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/
url https://github.com/erlang/otp/commit/655fb95725ba2fb811740b57e106873833824344
9
reference_url https://github.com/erlang/otp/commit/696fdec922661d4a3cc528fc34bc24fae8d4ad8a
reference_id 696fdec922661d4a3cc528fc34bc24fae8d4ad8a
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/
url https://github.com/erlang/otp/commit/696fdec922661d4a3cc528fc34bc24fae8d4ad8a
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
11
reference_url https://cna.erlef.org/cves/CVE-2026-21620.html
reference_id CVE-2026-21620.html
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/
url https://cna.erlef.org/cves/CVE-2026-21620.html
12
reference_url https://osv.dev/vulnerability/EEF-CVE-2026-21620
reference_id EEF-CVE-2026-21620
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/
url https://osv.dev/vulnerability/EEF-CVE-2026-21620
13
reference_url https://github.com/erlang/otp/security/advisories/GHSA-hmrc-prh3-rpvp
reference_id GHSA-hmrc-prh3-rpvp
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/
url https://github.com/erlang/otp/security/advisories/GHSA-hmrc-prh3-rpvp
14
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T13:36:03Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1
purl pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-j7t3-nrjj-pfgp
2
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.9%252Bdfsg-1
1
url pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
purl pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1
aliases CVE-2026-21620
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9yj-xg82-kyac
9
url VCID-wwcj-hwqc-f3g7
vulnerability_id VCID-wwcj-hwqc-f3g7
summary Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (ssh_sftpd module) allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl and program routines ssh_sftpd:is_within_root/2. The SFTP server uses string prefix matching via lists:prefix/2 rather than proper path component validation when checking if a path is within the configured root directory. This allows authenticated users to access sibling directories that share a common name prefix with the configured root directory. For example, if root is set to /home/user1, paths like /home/user10 or /home/user1_backup would incorrectly be considered within the root. This issue affects OTP from OTP 17.0 until OTP 28.4.1, OTP 27.3.4.9 and OTP 26.2.5.18, corresponding to ssh from 3.0.1 until 5.5.1, 5.2.11.6 and 5.1.4.14.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23942
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05493
published_at 2026-04-04T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05459
published_at 2026-04-02T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.0612
published_at 2026-04-13T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06128
published_at 2026-04-12T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06132
published_at 2026-04-11T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06141
published_at 2026-04-09T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06101
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06061
published_at 2026-04-07T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07214
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23942
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23942
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912
reference_id 1130912
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130912
4
reference_url https://github.com/erlang/otp/commit/27688a824f753d4c16371dc70e88753fb410590b
reference_id 27688a824f753d4c16371dc70e88753fb410590b
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/
url https://github.com/erlang/otp/commit/27688a824f753d4c16371dc70e88753fb410590b
5
reference_url https://github.com/erlang/otp/commit/5ed603a1211b83b8be2d1fc06d3f3bf30c3c9759
reference_id 5ed603a1211b83b8be2d1fc06d3f3bf30c3c9759
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/
url https://github.com/erlang/otp/commit/5ed603a1211b83b8be2d1fc06d3f3bf30c3c9759
6
reference_url https://github.com/erlang/otp/commit/9e0ac85d3485e7898e0da88a14be0ee2310a3b28
reference_id 9e0ac85d3485e7898e0da88a14be0ee2310a3b28
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/
url https://github.com/erlang/otp/commit/9e0ac85d3485e7898e0da88a14be0ee2310a3b28
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
8
reference_url https://cna.erlef.org/cves/CVE-2026-23942.html
reference_id CVE-2026-23942.html
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/
url https://cna.erlef.org/cves/CVE-2026-23942.html
9
reference_url https://osv.dev/vulnerability/EEF-CVE-2026-23942
reference_id EEF-CVE-2026-23942
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/
url https://osv.dev/vulnerability/EEF-CVE-2026-23942
10
reference_url https://github.com/erlang/otp/security/advisories/GHSA-4749-w85x-hw9h
reference_id GHSA-4749-w85x-hw9h
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/
url https://github.com/erlang/otp/security/advisories/GHSA-4749-w85x-hw9h
11
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-13T16:02:31Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1
purl pkg:deb/debian/erlang@1:27.3.4.9%2Bdfsg-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-j7t3-nrjj-pfgp
2
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.9%252Bdfsg-1
1
url pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
purl pkg:deb/debian/erlang@1:27.3.4.10%2Bdfsg-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.10%252Bdfsg-1
aliases CVE-2026-23942
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwcj-hwqc-f3g7
10
url VCID-xcks-117s-v3dd
vulnerability_id VCID-xcks-117s-v3dd
summary erlang: allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy serve
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000107.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000107.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1000107
reference_id
reference_type
scores
0
value 0.00399
scoring_system epss
scoring_elements 0.60612
published_at 2026-04-02T12:55:00Z
1
value 0.00399
scoring_system epss
scoring_elements 0.60641
published_at 2026-04-04T12:55:00Z
2
value 0.00399
scoring_system epss
scoring_elements 0.60537
published_at 2026-04-01T12:55:00Z
3
value 0.00479
scoring_system epss
scoring_elements 0.65084
published_at 2026-04-11T12:55:00Z
4
value 0.00479
scoring_system epss
scoring_elements 0.65073
published_at 2026-04-12T12:55:00Z
5
value 0.00479
scoring_system epss
scoring_elements 0.65045
published_at 2026-04-13T12:55:00Z
6
value 0.00479
scoring_system epss
scoring_elements 0.65083
published_at 2026-04-16T12:55:00Z
7
value 0.00479
scoring_system epss
scoring_elements 0.65002
published_at 2026-04-07T12:55:00Z
8
value 0.00479
scoring_system epss
scoring_elements 0.65052
published_at 2026-04-08T12:55:00Z
9
value 0.00479
scoring_system epss
scoring_elements 0.65066
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1000107
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000107
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000107
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115086
reference_id 1115086
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115086
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1824460
reference_id 1824460
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1824460
fixed_packages
0
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-h1k4-x8vr-5bch
2
vulnerability VCID-j7t3-nrjj-pfgp
3
vulnerability VCID-s9qn-9qdm-j7ej
4
vulnerability VCID-w9yj-xg82-kyac
5
vulnerability VCID-wwcj-hwqc-f3g7
6
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1
aliases CVE-2016-1000107
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xcks-117s-v3dd
Fixing_vulnerabilities
0
url VCID-1283-nvxm-r7cw
vulnerability_id VCID-1283-nvxm-r7cw
summary erlang: Erlang Excessive Use of System Resources
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48038.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48038.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48038
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31553
published_at 2026-04-04T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31511
published_at 2026-04-02T12:55:00Z
2
value 0.00156
scoring_system epss
scoring_elements 0.36463
published_at 2026-04-16T12:55:00Z
3
value 0.00156
scoring_system epss
scoring_elements 0.364
published_at 2026-04-07T12:55:00Z
4
value 0.00156
scoring_system epss
scoring_elements 0.36451
published_at 2026-04-08T12:55:00Z
5
value 0.00156
scoring_system epss
scoring_elements 0.36471
published_at 2026-04-09T12:55:00Z
6
value 0.00156
scoring_system epss
scoring_elements 0.36479
published_at 2026-04-11T12:55:00Z
7
value 0.00156
scoring_system epss
scoring_elements 0.36443
published_at 2026-04-12T12:55:00Z
8
value 0.00156
scoring_system epss
scoring_elements 0.36422
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48038
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48038
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48038
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/erlang/otp/pull/10156
reference_id 10156
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://github.com/erlang/otp/pull/10156
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115093
reference_id 1115093
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115093
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394522
reference_id 2394522
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394522
7
reference_url https://github.com/erlang/otp/commit/4e3bf86777ab3db7220c11d8ddabf15970ddd10a
reference_id 4e3bf86777ab3db7220c11d8ddabf15970ddd10a
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://github.com/erlang/otp/commit/4e3bf86777ab3db7220c11d8ddabf15970ddd10a
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
9
reference_url https://cna.erlef.org/cves/CVE-2025-48038.html
reference_id CVE-2025-48038.html
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://cna.erlef.org/cves/CVE-2025-48038.html
10
reference_url https://osv.dev/vulnerability/EEF-CVE-2025-48038
reference_id EEF-CVE-2025-48038
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://osv.dev/vulnerability/EEF-CVE-2025-48038
11
reference_url https://github.com/erlang/otp/commit/f09e0201ff701993dc24a08f15e524daf72db42f
reference_id f09e0201ff701993dc24a08f15e524daf72db42f
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://github.com/erlang/otp/commit/f09e0201ff701993dc24a08f15e524daf72db42f
12
reference_url https://github.com/erlang/otp/security/advisories/GHSA-pvj7-9652-7h9r
reference_id GHSA-pvj7-9652-7h9r
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://github.com/erlang/otp/security/advisories/GHSA-pvj7-9652-7h9r
13
reference_url https://usn.ubuntu.com/7831-1/
reference_id USN-7831-1
reference_type
scores
url https://usn.ubuntu.com/7831-1/
14
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:56Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3
1
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-h1k4-x8vr-5bch
2
vulnerability VCID-j7t3-nrjj-pfgp
3
vulnerability VCID-s9qn-9qdm-j7ej
4
vulnerability VCID-w9yj-xg82-kyac
5
vulnerability VCID-wwcj-hwqc-f3g7
6
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1
aliases CVE-2025-48038
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1283-nvxm-r7cw
1
url VCID-c3vm-u9jn-83cs
vulnerability_id VCID-c3vm-u9jn-83cs
summary erlang: Erlang Excessive Use of System Resources
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48039.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48039.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48039
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31553
published_at 2026-04-04T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31511
published_at 2026-04-02T12:55:00Z
2
value 0.00156
scoring_system epss
scoring_elements 0.36463
published_at 2026-04-16T12:55:00Z
3
value 0.00156
scoring_system epss
scoring_elements 0.364
published_at 2026-04-07T12:55:00Z
4
value 0.00156
scoring_system epss
scoring_elements 0.36451
published_at 2026-04-08T12:55:00Z
5
value 0.00156
scoring_system epss
scoring_elements 0.36471
published_at 2026-04-09T12:55:00Z
6
value 0.00156
scoring_system epss
scoring_elements 0.36479
published_at 2026-04-11T12:55:00Z
7
value 0.00156
scoring_system epss
scoring_elements 0.36443
published_at 2026-04-12T12:55:00Z
8
value 0.00156
scoring_system epss
scoring_elements 0.36422
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48039
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48039
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/erlang/otp/commit/043ee3c943e2977c1acdd740ad13992fd60b6bf0
reference_id 043ee3c943e2977c1acdd740ad13992fd60b6bf0
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://github.com/erlang/otp/commit/043ee3c943e2977c1acdd740ad13992fd60b6bf0
5
reference_url https://github.com/erlang/otp/pull/10155
reference_id 10155
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://github.com/erlang/otp/pull/10155
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115092
reference_id 1115092
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115092
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394523
reference_id 2394523
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394523
8
reference_url https://github.com/erlang/otp/commit/c242e6458967e9514bea351814151695807a54ac
reference_id c242e6458967e9514bea351814151695807a54ac
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://github.com/erlang/otp/commit/c242e6458967e9514bea351814151695807a54ac
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
10
reference_url https://cna.erlef.org/cves/CVE-2025-48039.html
reference_id CVE-2025-48039.html
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://cna.erlef.org/cves/CVE-2025-48039.html
11
reference_url https://osv.dev/vulnerability/EEF-CVE-2025-48039
reference_id EEF-CVE-2025-48039
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://osv.dev/vulnerability/EEF-CVE-2025-48039
12
reference_url https://github.com/erlang/otp/security/advisories/GHSA-rr5p-6856-j7h8
reference_id GHSA-rr5p-6856-j7h8
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://github.com/erlang/otp/security/advisories/GHSA-rr5p-6856-j7h8
13
reference_url https://usn.ubuntu.com/7831-1/
reference_id USN-7831-1
reference_type
scores
url https://usn.ubuntu.com/7831-1/
14
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:44Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3
1
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-h1k4-x8vr-5bch
2
vulnerability VCID-j7t3-nrjj-pfgp
3
vulnerability VCID-s9qn-9qdm-j7ej
4
vulnerability VCID-w9yj-xg82-kyac
5
vulnerability VCID-wwcj-hwqc-f3g7
6
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1
aliases CVE-2025-48039
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c3vm-u9jn-83cs
2
url VCID-jg37-ud9r-d3h7
vulnerability_id VCID-jg37-ud9r-d3h7
summary Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32433
reference_id
reference_type
scores
0
value 0.53597
scoring_system epss
scoring_elements 0.97996
published_at 2026-04-16T12:55:00Z
1
value 0.53597
scoring_system epss
scoring_elements 0.9799
published_at 2026-04-13T12:55:00Z
2
value 0.53995
scoring_system epss
scoring_elements 0.97998
published_at 2026-04-04T12:55:00Z
3
value 0.53995
scoring_system epss
scoring_elements 0.97996
published_at 2026-04-02T12:55:00Z
4
value 0.53995
scoring_system epss
scoring_elements 0.98005
published_at 2026-04-08T12:55:00Z
5
value 0.53995
scoring_system epss
scoring_elements 0.98
published_at 2026-04-07T12:55:00Z
6
value 0.5672
scoring_system epss
scoring_elements 0.98123
published_at 2026-04-09T12:55:00Z
7
value 0.5672
scoring_system epss
scoring_elements 0.98128
published_at 2026-04-12T12:55:00Z
8
value 0.5672
scoring_system epss
scoring_elements 0.98127
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32433
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32433
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32433
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12
reference_id 0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-08-20T03:55:59Z/
url https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103442
reference_id 1103442
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103442
5
reference_url https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f
reference_id 6eef04130afc8b0ccb63c9a0d8650209cf54892f
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-08-20T03:55:59Z/
url https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f
6
reference_url https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891
reference_id b1924d37fd83c070055beb115d5d6a6a9490b891
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-08-20T03:55:59Z/
url https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891
7
reference_url https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2
reference_id GHSA-37cp-fgq5-7wc2
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-08-20T03:55:59Z/
url https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2
8
reference_url https://usn.ubuntu.com/7443-1/
reference_id USN-7443-1
reference_type
scores
url https://usn.ubuntu.com/7443-1/
9
reference_url https://usn.ubuntu.com/7443-2/
reference_id USN-7443-2
reference_type
scores
url https://usn.ubuntu.com/7443-2/
10
reference_url https://usn.ubuntu.com/7443-3/
reference_id USN-7443-3
reference_type
scores
url https://usn.ubuntu.com/7443-3/
fixed_packages
0
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3
aliases CVE-2025-32433
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jg37-ud9r-d3h7
3
url VCID-jxzt-8wru-6yhk
vulnerability_id VCID-jxzt-8wru-6yhk
summary erlang: Erlang Exhaustion of File Handles
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48041.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48041.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48041
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31553
published_at 2026-04-04T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31511
published_at 2026-04-02T12:55:00Z
2
value 0.00156
scoring_system epss
scoring_elements 0.36463
published_at 2026-04-16T12:55:00Z
3
value 0.00156
scoring_system epss
scoring_elements 0.364
published_at 2026-04-07T12:55:00Z
4
value 0.00156
scoring_system epss
scoring_elements 0.36451
published_at 2026-04-08T12:55:00Z
5
value 0.00156
scoring_system epss
scoring_elements 0.36471
published_at 2026-04-09T12:55:00Z
6
value 0.00156
scoring_system epss
scoring_elements 0.36479
published_at 2026-04-11T12:55:00Z
7
value 0.00156
scoring_system epss
scoring_elements 0.36443
published_at 2026-04-12T12:55:00Z
8
value 0.00156
scoring_system epss
scoring_elements 0.36422
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48041
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48041
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/erlang/otp/pull/10157
reference_id 10157
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://github.com/erlang/otp/pull/10157
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115090
reference_id 1115090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1115090
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394520
reference_id 2394520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394520
7
reference_url https://github.com/erlang/otp/commit/5f9af63eec4657a37663828d206517828cb9f288
reference_id 5f9af63eec4657a37663828d206517828cb9f288
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://github.com/erlang/otp/commit/5f9af63eec4657a37663828d206517828cb9f288
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
9
reference_url https://cna.erlef.org/cves/CVE-2025-48041.html
reference_id CVE-2025-48041.html
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://cna.erlef.org/cves/CVE-2025-48041.html
10
reference_url https://github.com/erlang/otp/commit/d49efa2d4fa9e6f7ee658719cd76ffe7a33c2401
reference_id d49efa2d4fa9e6f7ee658719cd76ffe7a33c2401
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://github.com/erlang/otp/commit/d49efa2d4fa9e6f7ee658719cd76ffe7a33c2401
11
reference_url https://osv.dev/vulnerability/EEF-CVE-2025-48041
reference_id EEF-CVE-2025-48041
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://osv.dev/vulnerability/EEF-CVE-2025-48041
12
reference_url https://github.com/erlang/otp/security/advisories/GHSA-79c4-cvv7-4qm3
reference_id GHSA-79c4-cvv7-4qm3
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://github.com/erlang/otp/security/advisories/GHSA-79c4-cvv7-4qm3
13
reference_url https://usn.ubuntu.com/7831-1/
reference_id USN-7831-1
reference_type
scores
url https://usn.ubuntu.com/7831-1/
14
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-11T13:30:20Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3
1
url pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
purl pkg:deb/debian/erlang@1:27.3.4.1%2Bdfsg-1%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gcn7-ak4r-eba3
1
vulnerability VCID-h1k4-x8vr-5bch
2
vulnerability VCID-j7t3-nrjj-pfgp
3
vulnerability VCID-s9qn-9qdm-j7ej
4
vulnerability VCID-w9yj-xg82-kyac
5
vulnerability VCID-wwcj-hwqc-f3g7
6
vulnerability VCID-zegc-rj1x-ryau
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:27.3.4.1%252Bdfsg-1%252Bdeb13u1
aliases CVE-2025-48041
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxzt-8wru-6yhk
4
url VCID-jzn6-bzzf-nugp
vulnerability_id VCID-jzn6-bzzf-nugp
summary 
Improper Validation of Integrity Check Value
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
references
0
reference_url http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-48795
reference_id
reference_type
scores
0
value 0.5673
scoring_system epss
scoring_elements 0.98124
published_at 2026-04-09T12:55:00Z
1
value 0.5673
scoring_system epss
scoring_elements 0.98134
published_at 2026-04-16T12:55:00Z
2
value 0.5673
scoring_system epss
scoring_elements 0.98129
published_at 2026-04-13T12:55:00Z
3
value 0.5673
scoring_system epss
scoring_elements 0.98128
published_at 2026-04-12T12:55:00Z
4
value 0.5673
scoring_system epss
scoring_elements 0.98114
published_at 2026-04-02T12:55:00Z
5
value 0.5673
scoring_system epss
scoring_elements 0.98118
published_at 2026-04-04T12:55:00Z
6
value 0.5673
scoring_system epss
scoring_elements 0.98119
published_at 2026-04-07T12:55:00Z
7
value 0.5673
scoring_system epss
scoring_elements 0.98123
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-48795
3
reference_url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack
4
reference_url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
5
reference_url https://bugs.gentoo.org/920280
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://bugs.gentoo.org/920280
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2254210
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2254210
7
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1217950
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://bugzilla.suse.com/show_bug.cgi?id=1217950
8
reference_url https://crates.io/crates/thrussh/versions
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://crates.io/crates/thrussh/versions
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918
13
reference_url http://seclists.org/fulldisclosure/2024/Mar/21
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://seclists.org/fulldisclosure/2024/Mar/21
14
reference_url https://filezilla-project.org/versions.php
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://filezilla-project.org/versions.php
15
reference_url https://forum.netgate.com/topic/184941/terrapin-ssh-attack
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://forum.netgate.com/topic/184941/terrapin-ssh-attack
16
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
17
reference_url https://github.com/apache/mina-sshd/issues/445
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/apache/mina-sshd/issues/445
18
reference_url https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab
19
reference_url https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22
20
reference_url https://github.com/cyd01/KiTTY/issues/520
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/cyd01/KiTTY/issues/520
21
reference_url https://github.com/drakkan/sftpgo/releases/tag/v2.5.6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/drakkan/sftpgo/releases/tag/v2.5.6
22
reference_url https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42
23
reference_url https://github.com/erlang/otp/releases/tag/OTP-26.2.1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/erlang/otp/releases/tag/OTP-26.2.1
24
reference_url https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
25
reference_url https://github.com/hierynomus/sshj/issues/916
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/hierynomus/sshj/issues/916
26
reference_url https://github.com/janmojzis/tinyssh/issues/81
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/janmojzis/tinyssh/issues/81
27
reference_url https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5
28
reference_url https://github.com/libssh2/libssh2/pull/1291
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/libssh2/libssh2/pull/1291
29
reference_url https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25
30
reference_url https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3
31
reference_url https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15
32
reference_url https://github.com/mwiede/jsch/issues/457
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mwiede/jsch/issues/457
33
reference_url https://github.com/mwiede/jsch/pull/461
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mwiede/jsch/pull/461
34
reference_url https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16
35
reference_url https://github.com/NixOS/nixpkgs/pull/275249
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/NixOS/nixpkgs/pull/275249
36
reference_url https://github.com/openssh/openssh-portable/commits/master
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/openssh/openssh-portable/commits/master
37
reference_url https://github.com/paramiko/paramiko/issues/2337
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/paramiko/paramiko/issues/2337
38
reference_url https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773
39
reference_url https://github.com/PowerShell/Win32-OpenSSH/issues/2189
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/PowerShell/Win32-OpenSSH/issues/2189
40
reference_url https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta
41
reference_url https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES
42
reference_url https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES
43
reference_url https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES
44
reference_url https://github.com/proftpd/proftpd/issues/456
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/issues/456
45
reference_url https://github.com/rapier1/hpn-ssh/releases
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/rapier1/hpn-ssh/releases
46
reference_url https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
47
reference_url https://github.com/ronf/asyncssh/tags
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/ronf/asyncssh/tags
48
reference_url https://github.com/ssh-mitm/ssh-mitm/issues/165
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/ssh-mitm/ssh-mitm/issues/165
49
reference_url https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0
50
reference_url https://github.com/TeraTermProject/teraterm/releases/tag/v5.1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/TeraTermProject/teraterm/releases/tag/v5.1
51
reference_url https://github.com/warp-tech/russh
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/warp-tech/russh
52
reference_url https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951
53
reference_url https://github.com/warp-tech/russh/releases/tag/v0.40.2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/warp-tech/russh/releases/tag/v0.40.2
54
reference_url https://gitlab.com/libssh/libssh-mirror/-/tags
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://gitlab.com/libssh/libssh-mirror/-/tags
55
reference_url https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6
56
reference_url https://go.dev/cl/550715
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/550715
57
reference_url https://go.dev/issue/64784
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/64784
58
reference_url https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ
59
reference_url https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
60
reference_url https://help.panic.com/releasenotes/transmit5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://help.panic.com/releasenotes/transmit5
61
reference_url https://help.panic.com/releasenotes/transmit5/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://help.panic.com/releasenotes/transmit5/
62
reference_url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795
63
reference_url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/
64
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
65
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html
66
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html
67
reference_url https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html
68
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html
69
reference_url https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html
70
reference_url https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html
71
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
72
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS
73
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
74
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
75
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/
76
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
77
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
78
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/
79
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6
80
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
81
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
82
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y
83
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/
84
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
85
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
86
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
87
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD
88
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/
89
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
90
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
91
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
92
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/
93
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7
94
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/
95
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
96
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
97
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
98
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
99
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
100
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
101
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
102
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
103
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
104
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
105
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
106
reference_url https://matt.ucc.asn.au/dropbear/CHANGES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://matt.ucc.asn.au/dropbear/CHANGES
107
reference_url https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC
108
reference_url https://news.ycombinator.com/item?id=38684904
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://news.ycombinator.com/item?id=38684904
109
reference_url https://news.ycombinator.com/item?id=38685286
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://news.ycombinator.com/item?id=38685286
110
reference_url https://news.ycombinator.com/item?id=38732005
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://news.ycombinator.com/item?id=38732005
111
reference_url https://nova.app/releases/#v11.8
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://nova.app/releases/#v11.8
112
reference_url https://oryx-embedded.com/download/#changelog
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://oryx-embedded.com/download/#changelog
113
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002
114
reference_url https://roumenpetrov.info/secsh/#news20231220
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://roumenpetrov.info/secsh/#news20231220
115
reference_url https://security.gentoo.org/glsa/202312-16
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security.gentoo.org/glsa/202312-16
116
reference_url https://security.gentoo.org/glsa/202312-17
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security.gentoo.org/glsa/202312-17
117
reference_url https://security.netapp.com/advisory/ntap-20240105-0004
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240105-0004
118
reference_url https://security-tracker.debian.org/tracker/source-package/libssh2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/source-package/libssh2
119
reference_url https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg
120
reference_url https://security-tracker.debian.org/tracker/source-package/trilead-ssh2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/source-package/trilead-ssh2
121
reference_url https://support.apple.com/kb/HT214084
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://support.apple.com/kb/HT214084
122
reference_url https://twitter.com/TrueSkrillor/status/1736774389725565005
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://twitter.com/TrueSkrillor/status/1736774389725565005
123
reference_url https://winscp.net/eng/docs/history#6.2.2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://winscp.net/eng/docs/history#6.2.2
124
reference_url https://www.bitvise.com/ssh-client-version-history#933
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.bitvise.com/ssh-client-version-history#933
125
reference_url https://www.bitvise.com/ssh-server-version-history
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.bitvise.com/ssh-server-version-history
126
reference_url https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
127
reference_url https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
128
reference_url https://www.debian.org/security/2023/dsa-5586
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.debian.org/security/2023/dsa-5586
129
reference_url https://www.debian.org/security/2023/dsa-5588
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.debian.org/security/2023/dsa-5588
130
reference_url https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc
131
reference_url https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508
132
reference_url https://www.netsarang.com/en/xshell-update-history
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.netsarang.com/en/xshell-update-history
133
reference_url https://www.netsarang.com/en/xshell-update-history/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.netsarang.com/en/xshell-update-history/
134
reference_url https://www.openssh.com/openbsd.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openssh.com/openbsd.html
135
reference_url https://www.openssh.com/txt/release-9.6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openssh.com/txt/release-9.6
136
reference_url https://www.openwall.com/lists/oss-security/2023/12/18/2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openwall.com/lists/oss-security/2023/12/18/2
137
reference_url https://www.openwall.com/lists/oss-security/2023/12/20/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openwall.com/lists/oss-security/2023/12/20/3
138
reference_url https://www.paramiko.org/changelog.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.paramiko.org/changelog.html
139
reference_url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed
140
reference_url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/
141
reference_url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795
142
reference_url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/
143
reference_url https://www.terrapin-attack.com
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.terrapin-attack.com
144
reference_url https://www.theregister.com/2023/12/20/terrapin_attack_ssh
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.theregister.com/2023/12/20/terrapin_attack_ssh
145
reference_url https://www.vandyke.com/products/securecrt/history.txt
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.vandyke.com/products/securecrt/history.txt
146
reference_url http://www.openwall.com/lists/oss-security/2023/12/18/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2023/12/18/3
147
reference_url http://www.openwall.com/lists/oss-security/2023/12/19/5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2023/12/19/5
148
reference_url http://www.openwall.com/lists/oss-security/2023/12/20/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2023/12/20/3
149
reference_url http://www.openwall.com/lists/oss-security/2024/03/06/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2024/03/06/3
150
reference_url http://www.openwall.com/lists/oss-security/2024/04/17/8
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2024/04/17/8
151
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001
reference_id 1059001
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001
152
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002
reference_id 1059002
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002
153
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003
reference_id 1059003
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003
154
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004
reference_id 1059004
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004
155
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005
reference_id 1059005
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005
156
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006
reference_id 1059006
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006
157
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007
reference_id 1059007
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007
158
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058
reference_id 1059058
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058
159
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144
reference_id 1059144
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144
160
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290
reference_id 1059290
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290
161
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294
reference_id 1059294
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294
162
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/
reference_id 33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/
163
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/
reference_id 3CAYYW35MUTNO65RVAELICTNZZFMT2XS
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/
164
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/
reference_id 3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/
165
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/
reference_id 6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/
166
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/
reference_id BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/
167
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/
reference_id C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/
168
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/
reference_id CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/
169
reference_url https://access.redhat.com/security/cve/cve-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://access.redhat.com/security/cve/cve-2023-48795
170
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-48795
171
reference_url https://security-tracker.debian.org/tracker/CVE-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/CVE-2023-48795
172
reference_url https://ubuntu.com/security/CVE-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://ubuntu.com/security/CVE-2023-48795
173
reference_url https://thorntech.com/cve-2023-48795-and-sftp-gateway
reference_id CVE-2023-48795-AND-SFTP-GATEWAY
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://thorntech.com/cve-2023-48795-and-sftp-gateway
174
reference_url https://thorntech.com/cve-2023-48795-and-sftp-gateway/
reference_id CVE-2023-48795-AND-SFTP-GATEWAY
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://thorntech.com/cve-2023-48795-and-sftp-gateway/
175
reference_url https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit
reference_id CVE-2023-48795-DETECT-OPENSSH-VULNERABILIT
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit
176
reference_url https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability
reference_id CVE-2023-48795-MITIGATE-OPENSSH-VULNERABILITY
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability
177
reference_url https://github.com/advisories/GHSA-45x7-px36-x8w8
reference_id GHSA-45x7-px36-x8w8
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/advisories/GHSA-45x7-px36-x8w8
178
reference_url https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8
reference_id GHSA-45x7-px36-x8w8
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8
179
reference_url https://security.gentoo.org/glsa/202407-11
reference_id GLSA-202407-11
reference_type
scores
url https://security.gentoo.org/glsa/202407-11
180
reference_url https://security.gentoo.org/glsa/202407-12
reference_id GLSA-202407-12
reference_type
scores
url https://security.gentoo.org/glsa/202407-12
181
reference_url https://security.gentoo.org/glsa/202509-06
reference_id GLSA-202509-06
reference_type
scores
url https://security.gentoo.org/glsa/202509-06
182
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/
reference_id HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/
183
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/
reference_id I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/
184
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/
reference_id KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/
185
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/
reference_id L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/
186
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/
reference_id LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/
187
reference_url https://security.netapp.com/advisory/ntap-20240105-0004/
reference_id ntap-20240105-0004
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security.netapp.com/advisory/ntap-20240105-0004/
188
reference_url https://access.redhat.com/errata/RHSA-2023:7197
reference_id RHSA-2023:7197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7197
189
reference_url https://access.redhat.com/errata/RHSA-2023:7198
reference_id RHSA-2023:7198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7198
190
reference_url https://access.redhat.com/errata/RHSA-2023:7201
reference_id RHSA-2023:7201
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7201
191
reference_url https://access.redhat.com/errata/RHSA-2024:0040
reference_id RHSA-2024:0040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0040
192
reference_url https://access.redhat.com/errata/RHSA-2024:0429
reference_id RHSA-2024:0429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0429
193
reference_url https://access.redhat.com/errata/RHSA-2024:0455
reference_id RHSA-2024:0455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0455
194
reference_url https://access.redhat.com/errata/RHSA-2024:0499
reference_id RHSA-2024:0499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0499
195
reference_url https://access.redhat.com/errata/RHSA-2024:0538
reference_id RHSA-2024:0538
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0538
196
reference_url https://access.redhat.com/errata/RHSA-2024:0594
reference_id RHSA-2024:0594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0594
197
reference_url https://access.redhat.com/errata/RHSA-2024:0606
reference_id RHSA-2024:0606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0606
198
reference_url https://access.redhat.com/errata/RHSA-2024:0625
reference_id RHSA-2024:0625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0625
199
reference_url https://access.redhat.com/errata/RHSA-2024:0628
reference_id RHSA-2024:0628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0628
200
reference_url https://access.redhat.com/errata/RHSA-2024:0766
reference_id RHSA-2024:0766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0766
201
reference_url https://access.redhat.com/errata/RHSA-2024:0789
reference_id RHSA-2024:0789
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0789
202
reference_url https://access.redhat.com/errata/RHSA-2024:0843
reference_id RHSA-2024:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0843
203
reference_url https://access.redhat.com/errata/RHSA-2024:0880
reference_id RHSA-2024:0880
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0880
204
reference_url https://access.redhat.com/errata/RHSA-2024:0954
reference_id RHSA-2024:0954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0954
205
reference_url https://access.redhat.com/errata/RHSA-2024:1130
reference_id RHSA-2024:1130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1130
206
reference_url https://access.redhat.com/errata/RHSA-2024:1150
reference_id RHSA-2024:1150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1150
207
reference_url https://access.redhat.com/errata/RHSA-2024:1192
reference_id RHSA-2024:1192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1192
208
reference_url https://access.redhat.com/errata/RHSA-2024:1193
reference_id RHSA-2024:1193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1193
209
reference_url https://access.redhat.com/errata/RHSA-2024:1196
reference_id RHSA-2024:1196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1196
210
reference_url https://access.redhat.com/errata/RHSA-2024:1197
reference_id RHSA-2024:1197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1197
211
reference_url https://access.redhat.com/errata/RHSA-2024:1210
reference_id RHSA-2024:1210
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1210
212
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
213
reference_url https://access.redhat.com/errata/RHSA-2024:1557
reference_id RHSA-2024:1557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1557
214
reference_url https://access.redhat.com/errata/RHSA-2024:1859
reference_id RHSA-2024:1859
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1859
215
reference_url https://access.redhat.com/errata/RHSA-2024:2728
reference_id RHSA-2024:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2728
216
reference_url https://access.redhat.com/errata/RHSA-2024:2735
reference_id RHSA-2024:2735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2735
217
reference_url https://access.redhat.com/errata/RHSA-2024:2768
reference_id RHSA-2024:2768
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2768
218
reference_url https://access.redhat.com/errata/RHSA-2024:2988
reference_id RHSA-2024:2988
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2988
219
reference_url https://access.redhat.com/errata/RHSA-2024:3479
reference_id RHSA-2024:3479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3479
220
reference_url https://access.redhat.com/errata/RHSA-2024:3634
reference_id RHSA-2024:3634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3634
221
reference_url https://access.redhat.com/errata/RHSA-2024:3635
reference_id RHSA-2024:3635
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3635
222
reference_url https://access.redhat.com/errata/RHSA-2024:3636
reference_id RHSA-2024:3636
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3636
223
reference_url https://access.redhat.com/errata/RHSA-2024:3918
reference_id RHSA-2024:3918
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3918
224
reference_url https://access.redhat.com/errata/RHSA-2024:4010
reference_id RHSA-2024:4010
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4010
225
reference_url https://access.redhat.com/errata/RHSA-2024:4151
reference_id RHSA-2024:4151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4151
226
reference_url https://access.redhat.com/errata/RHSA-2024:4329
reference_id RHSA-2024:4329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4329
227
reference_url https://access.redhat.com/errata/RHSA-2024:4479
reference_id RHSA-2024:4479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4479
228
reference_url https://access.redhat.com/errata/RHSA-2024:4484
reference_id RHSA-2024:4484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4484
229
reference_url https://access.redhat.com/errata/RHSA-2024:4597
reference_id RHSA-2024:4597
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4597
230
reference_url https://access.redhat.com/errata/RHSA-2024:4662
reference_id RHSA-2024:4662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4662
231
reference_url https://access.redhat.com/errata/RHSA-2024:4955
reference_id RHSA-2024:4955
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4955
232
reference_url https://access.redhat.com/errata/RHSA-2024:4959
reference_id RHSA-2024:4959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4959
233
reference_url https://access.redhat.com/errata/RHSA-2024:5200
reference_id RHSA-2024:5200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5200
234
reference_url https://access.redhat.com/errata/RHSA-2024:5432
reference_id RHSA-2024:5432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5432
235
reference_url https://access.redhat.com/errata/RHSA-2024:5433
reference_id RHSA-2024:5433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5433
236
reference_url https://access.redhat.com/errata/RHSA-2024:5438
reference_id RHSA-2024:5438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5438
237
reference_url https://access.redhat.com/errata/RHSA-2024:8235
reference_id RHSA-2024:8235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8235
238
reference_url https://access.redhat.com/errata/RHSA-2025:4664
reference_id RHSA-2025:4664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4664
239
reference_url https://usn.ubuntu.com/6560-1/
reference_id USN-6560-1
reference_type
scores
url https://usn.ubuntu.com/6560-1/
240
reference_url https://usn.ubuntu.com/6560-2/
reference_id USN-6560-2
reference_type
scores
url https://usn.ubuntu.com/6560-2/
241
reference_url https://usn.ubuntu.com/6561-1/
reference_id USN-6561-1
reference_type
scores
url https://usn.ubuntu.com/6561-1/
242
reference_url https://usn.ubuntu.com/6585-1/
reference_id USN-6585-1
reference_type
scores
url https://usn.ubuntu.com/6585-1/
243
reference_url https://usn.ubuntu.com/6589-1/
reference_id USN-6589-1
reference_type
scores
url https://usn.ubuntu.com/6589-1/
244
reference_url https://usn.ubuntu.com/6598-1/
reference_id USN-6598-1
reference_type
scores
url https://usn.ubuntu.com/6598-1/
245
reference_url https://usn.ubuntu.com/6738-1/
reference_id USN-6738-1
reference_type
scores
url https://usn.ubuntu.com/6738-1/
246
reference_url https://usn.ubuntu.com/7051-1/
reference_id USN-7051-1
reference_type
scores
url https://usn.ubuntu.com/7051-1/
247
reference_url https://usn.ubuntu.com/7292-1/
reference_id USN-7292-1
reference_type
scores
url https://usn.ubuntu.com/7292-1/
248
reference_url https://usn.ubuntu.com/7297-1/
reference_id USN-7297-1
reference_type
scores
url https://usn.ubuntu.com/7297-1/
fixed_packages
0
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3
aliases CVE-2023-48795, GHSA-45x7-px36-x8w8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jzn6-bzzf-nugp
5
url VCID-nqfj-97y5-suar
vulnerability_id VCID-nqfj-97y5-suar
summary erlang: KEX init error results with excessive memory usage
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30211.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30211.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-30211
reference_id
reference_type
scores
0
value 0.0055
scoring_system epss
scoring_elements 0.67928
published_at 2026-04-02T12:55:00Z
1
value 0.0055
scoring_system epss
scoring_elements 0.68002
published_at 2026-04-16T12:55:00Z
2
value 0.0055
scoring_system epss
scoring_elements 0.68014
published_at 2026-04-11T12:55:00Z
3
value 0.0055
scoring_system epss
scoring_elements 0.68
published_at 2026-04-12T12:55:00Z
4
value 0.0055
scoring_system epss
scoring_elements 0.67965
published_at 2026-04-13T12:55:00Z
5
value 0.0055
scoring_system epss
scoring_elements 0.67948
published_at 2026-04-04T12:55:00Z
6
value 0.0055
scoring_system epss
scoring_elements 0.67926
published_at 2026-04-07T12:55:00Z
7
value 0.0055
scoring_system epss
scoring_elements 0.67977
published_at 2026-04-08T12:55:00Z
8
value 0.0055
scoring_system epss
scoring_elements 0.6799
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-30211
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30211
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30211
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101713
reference_id 1101713
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101713
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2355785
reference_id 2355785
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2355785
6
reference_url https://github.com/erlang/otp/security/advisories/GHSA-vvr3-fjhh-cfwc
reference_id GHSA-vvr3-fjhh-cfwc
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-28T15:10:23Z/
url https://github.com/erlang/otp/security/advisories/GHSA-vvr3-fjhh-cfwc
7
reference_url https://usn.ubuntu.com/7425-1/
reference_id USN-7425-1
reference_type
scores
url https://usn.ubuntu.com/7425-1/
fixed_packages
0
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3
aliases CVE-2025-30211
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqfj-97y5-suar
6
url VCID-tnt7-d764-13cq
vulnerability_id VCID-tnt7-d764-13cq
summary otp: erlang: SSH SFTP packet size not verified properly in Erlang OTP
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26618.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26618.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-26618
reference_id
reference_type
scores
0
value 0.00343
scoring_system epss
scoring_elements 0.56924
published_at 2026-04-02T12:55:00Z
1
value 0.00343
scoring_system epss
scoring_elements 0.56968
published_at 2026-04-16T12:55:00Z
2
value 0.00343
scoring_system epss
scoring_elements 0.56971
published_at 2026-04-08T12:55:00Z
3
value 0.00343
scoring_system epss
scoring_elements 0.56975
published_at 2026-04-09T12:55:00Z
4
value 0.00343
scoring_system epss
scoring_elements 0.56982
published_at 2026-04-11T12:55:00Z
5
value 0.00343
scoring_system epss
scoring_elements 0.56963
published_at 2026-04-12T12:55:00Z
6
value 0.00343
scoring_system epss
scoring_elements 0.56939
published_at 2026-04-13T12:55:00Z
7
value 0.00343
scoring_system epss
scoring_elements 0.56945
published_at 2026-04-04T12:55:00Z
8
value 0.00343
scoring_system epss
scoring_elements 0.5692
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-26618
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26618
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/erlang/otp/commit/0ed2573cbd55c92e9125c9dc70fa1ca7fed82872
reference_id 0ed2573cbd55c92e9125c9dc70fa1ca7fed82872
reference_type
scores
0
value 7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-20T20:55:12Z/
url https://github.com/erlang/otp/commit/0ed2573cbd55c92e9125c9dc70fa1ca7fed82872
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2346900
reference_id 2346900
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2346900
6
reference_url https://github.com/erlang/otp/security/advisories/GHSA-78cv-45vx-q6fr
reference_id GHSA-78cv-45vx-q6fr
reference_type
scores
0
value 7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-20T20:55:12Z/
url https://github.com/erlang/otp/security/advisories/GHSA-78cv-45vx-q6fr
7
reference_url https://usn.ubuntu.com/7313-1/
reference_id USN-7313-1
reference_type
scores
url https://usn.ubuntu.com/7313-1/
fixed_packages
0
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3
aliases CVE-2025-26618
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnt7-d764-13cq
7
url VCID-vqnt-uyex-87fn
vulnerability_id VCID-vqnt-uyex-87fn
summary Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2, zip:extract/1, zip:extract/2 unless the memory option is passed. This issue affects OTP from OTP 17.0 until OTP 28.0.1, OTP 27.3.4.1 and OTP 26.2.5.13, corresponding to stdlib from 2.0 until 7.0.1, 6.2.2.1 and 5.2.3.4.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-4748
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.2609
published_at 2026-04-02T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.26131
published_at 2026-04-04T12:55:00Z
2
value 0.00108
scoring_system epss
scoring_elements 0.2905
published_at 2026-04-07T12:55:00Z
3
value 0.00108
scoring_system epss
scoring_elements 0.29161
published_at 2026-04-11T12:55:00Z
4
value 0.00108
scoring_system epss
scoring_elements 0.29155
published_at 2026-04-09T12:55:00Z
5
value 0.00108
scoring_system epss
scoring_elements 0.29113
published_at 2026-04-08T12:55:00Z
6
value 0.00375
scoring_system epss
scoring_elements 0.59144
published_at 2026-04-16T12:55:00Z
7
value 0.00375
scoring_system epss
scoring_elements 0.59107
published_at 2026-04-13T12:55:00Z
8
value 0.00375
scoring_system epss
scoring_elements 0.59126
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-4748
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4748
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4748
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107939
reference_id 1107939
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107939
4
reference_url https://github.com/erlang/otp/commit/578d4001575aa7647ea1efd4b2b7e3afadcc99a5
reference_id 578d4001575aa7647ea1efd4b2b7e3afadcc99a5
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://github.com/erlang/otp/commit/578d4001575aa7647ea1efd4b2b7e3afadcc99a5
5
reference_url https://github.com/erlang/otp/commit/5a55feec10c9b69189d56723d8f237afa58d5d4f
reference_id 5a55feec10c9b69189d56723d8f237afa58d5d4f
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://github.com/erlang/otp/commit/5a55feec10c9b69189d56723d8f237afa58d5d4f
6
reference_url https://github.com/erlang/otp/pull/9941
reference_id 9941
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://github.com/erlang/otp/pull/9941
7
reference_url https://security.archlinux.org/AVG-2900
reference_id AVG-2900
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2900
8
reference_url https://github.com/erlang/otp/commit/ba2f2bc5f45fcfd2d6201ba07990a678bbf4cc8f
reference_id ba2f2bc5f45fcfd2d6201ba07990a678bbf4cc8f
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://github.com/erlang/otp/commit/ba2f2bc5f45fcfd2d6201ba07990a678bbf4cc8f
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
10
reference_url https://cna.erlef.org/cves/CVE-2025-4748.html
reference_id CVE-2025-4748.html
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://cna.erlef.org/cves/CVE-2025-4748.html
11
reference_url https://osv.dev/vulnerability/EEF-CVE-2025-4748
reference_id EEF-CVE-2025-4748
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://osv.dev/vulnerability/EEF-CVE-2025-4748
12
reference_url https://github.com/erlang/otp/security/advisories/GHSA-9g37-pgj9-wrhc
reference_id GHSA-9g37-pgj9-wrhc
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://github.com/erlang/otp/security/advisories/GHSA-9g37-pgj9-wrhc
13
reference_url https://usn.ubuntu.com/7656-1/
reference_id USN-7656-1
reference_type
scores
url https://usn.ubuntu.com/7656-1/
14
reference_url https://www.erlang.org/doc/system/versions.html#order-of-versions
reference_id versions.html#order-of-versions
reference_type
scores
0
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:10:47Z/
url https://www.erlang.org/doc/system/versions.html#order-of-versions
fixed_packages
0
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3
aliases CVE-2025-4748
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vqnt-uyex-87fn
8
url VCID-z6gs-aq96-gkaw
vulnerability_id VCID-z6gs-aq96-gkaw
summary Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This allows a Man-in-the-Middle attacker to inject these messages in a connection during the handshake. This issue has been patched in versions OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-46712
reference_id
reference_type
scores
0
value 0.00338
scoring_system epss
scoring_elements 0.56648
published_at 2026-04-04T12:55:00Z
1
value 0.00338
scoring_system epss
scoring_elements 0.56627
published_at 2026-04-07T12:55:00Z
2
value 0.00338
scoring_system epss
scoring_elements 0.56667
published_at 2026-04-12T12:55:00Z
3
value 0.00338
scoring_system epss
scoring_elements 0.56692
published_at 2026-04-11T12:55:00Z
4
value 0.00338
scoring_system epss
scoring_elements 0.56683
published_at 2026-04-09T12:55:00Z
5
value 0.00338
scoring_system epss
scoring_elements 0.56678
published_at 2026-04-08T12:55:00Z
6
value 0.00406
scoring_system epss
scoring_elements 0.61103
published_at 2026-04-16T12:55:00Z
7
value 0.00406
scoring_system epss
scoring_elements 0.61061
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-46712
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46712
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46712
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104963
reference_id 1104963
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104963
3
reference_url https://github.com/erlang/otp/commit/e4b56a9f4a511aa9990dd86c16c61439c828df83
reference_id e4b56a9f4a511aa9990dd86c16c61439c828df83
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:02:52Z/
url https://github.com/erlang/otp/commit/e4b56a9f4a511aa9990dd86c16c61439c828df83
4
reference_url https://github.com/erlang/otp/security/advisories/GHSA-934x-xq38-hhqf
reference_id GHSA-934x-xq38-hhqf
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:02:52Z/
url https://github.com/erlang/otp/security/advisories/GHSA-934x-xq38-hhqf
5
reference_url https://github.com/erlang/otp/releases/tag/OTP-25.3.2.21
reference_id OTP-25.3.2.21
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:02:52Z/
url https://github.com/erlang/otp/releases/tag/OTP-25.3.2.21
6
reference_url https://github.com/erlang/otp/releases/tag/OTP-26.2.5.12
reference_id OTP-26.2.5.12
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:02:52Z/
url https://github.com/erlang/otp/releases/tag/OTP-26.2.5.12
7
reference_url https://github.com/erlang/otp/releases/tag/OTP-27.3.4
reference_id OTP-27.3.4
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T20:02:52Z/
url https://github.com/erlang/otp/releases/tag/OTP-27.3.4
8
reference_url https://usn.ubuntu.com/7656-1/
reference_id USN-7656-1
reference_type
scores
url https://usn.ubuntu.com/7656-1/
fixed_packages
0
url pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
purl pkg:deb/debian/erlang@1:25.2.3%2Bdfsg-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1283-nvxm-r7cw
1
vulnerability VCID-28fj-t5hy-x3gn
2
vulnerability VCID-c3vm-u9jn-83cs
3
vulnerability VCID-gcn7-ak4r-eba3
4
vulnerability VCID-h1k4-x8vr-5bch
5
vulnerability VCID-j7t3-nrjj-pfgp
6
vulnerability VCID-jxzt-8wru-6yhk
7
vulnerability VCID-s9qn-9qdm-j7ej
8
vulnerability VCID-w9yj-xg82-kyac
9
vulnerability VCID-wwcj-hwqc-f3g7
10
vulnerability VCID-xcks-117s-v3dd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3
aliases CVE-2025-46712
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6gs-aq96-gkaw
Risk_score3.8
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/erlang@1:25.2.3%252Bdfsg-1%252Bdeb12u3