Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
erlang vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-25623
Erlang/OTP 22.3.x prior to 22.3.4.6 and 23.x prior to 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used.
Erlang Erlang\\/otp
890
VMScore
CVE-2020-24916
CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection.
Yaws Yaws
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
605
VMScore
CVE-2020-24379
WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection.
Yaws Yaws
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
890
VMScore
CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification.
Erlang Rebar3 3.0.0
Erlang Rebar3
187
VMScore
CVE-2020-12872
yaws_config.erl in Yaws up to and including 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0.
Yaws Yaws
516
VMScore
CVE-2016-1000107
inets in Erlang possibly 22.1 and previous versions follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote malicious users to redirect an application...
Erlang Erlang\\/otp
445
VMScore
CVE-2019-11287
Pivotal RabbitMQ, versions 3.7.x before 3.7.21 and 3.8.x before 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions before 1.16.7 and 1.17.x versions before 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HT...
Pivotal Software Rabbitmq
Vmware Rabbitmq
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
Debian Debian Linux 9.0
445
VMScore
CVE-2019-15160
The SweetXml (aka sweet_xml) package up to and including 0.6.6 for Erlang and Elixir allows malicious users to cause a denial of service (resource consumption) via an XML entity expansion attack with an inline DTD.
Kbrw Sweet Xml
355
VMScore
CVE-2019-11504
Zotonic before version 0.47 has mod_admin XSS.
Zotonic Zotonic
1 EDB exploit
605
VMScore
CVE-2019-1000014
Erlang/OTP Rebar3 version 3.7.0 up to and including 3.7.5 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via Victim fetches packages fro...
Erlang Rebar3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »