| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|
| CVE-2026-21620 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Relative Path Traversal, Improper Isolation or Compartmentalization vu ... |
| CVE-2025-48041 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Allocation of Resources Without Limits or Throttling vulnerability in ... |
| CVE-2025-48040 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh ... |
| CVE-2025-48039 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Allocation of Resources Without Limits or Throttling vulnerability in ... |
| CVE-2025-48038 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Allocation of Resources Without Limits or Throttling vulnerability in ... |
| CVE-2025-46712 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | Erlang/OTP is a set of libraries for the Erlang programming language. ... |
| Bug | Description |
|---|
| CVE-2025-32433 | Erlang/OTP is a set of libraries for the Erlang programming language. ... |
| CVE-2025-30211 | Erlang/OTP is a set of libraries for the Erlang programming language. ... |
| CVE-2025-26618 | Erlang is a programming language and runtime system for building massi ... |
| CVE-2025-4748 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... |
| CVE-2024-53846 | OTP is a set of Erlang libraries, which consists of the Erlang runtime ... |
| CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in O ... |
| CVE-2022-37026 | In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before ... |
| CVE-2021-29221 | A local privilege escalation vulnerability was discovered in Erlang/OT ... |
| CVE-2020-35733 | An issue was discovered in Erlang/OTP before 23.2.2. The ssl applicati ... |
| CVE-2020-25623 | Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Director ... |
| CVE-2020-12872 | yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ... |
| CVE-2017-1000385 | The Erlang otp TLS server answers with different TLS alerts to differe ... |
| CVE-2016-10253 | An issue was discovered in Erlang/OTP 18.x. Erlang's generation of com ... |
| CVE-2015-2774 | Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes w ... |
| CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... |
| CVE-2014-1693 | Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OT ... |
| CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windo ... |
| CVE-2011-0766 | The random number generator in the Crypto application before 2.0.2.2, ... |