exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2025-46712

7 месяцев назад

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This allows a Man-in-the-Middle attacker to inject these messages in a connection during the handshake. This issue has been patched in versions OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25).

CVSS3: 3.7

EPSS: Низкий

CVE-2025-46712

7 месяцев назад

Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This allows a Man-in-the-Middle attacker to inject these messages in a connection during the handshake. This issue has been patched in versions OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25).

CVSS3: 3.7

EPSS: Низкий

CVE-2025-46712

5 месяцев назад

Erlang/OTP SSH Has Strict KEX Violations

CVSS3: 3.7

EPSS: Низкий

CVE-2025-46712

7 месяцев назад

Erlang/OTP is a set of libraries for the Erlang programming language. ...

CVSS3: 3.7

EPSS: Низкий

BDU:2025-13872

7 месяцев назад

Уязвимость набора библиотек OTP языка программирования Erlang, связанная с нарушением ожидаемого поведения, позволяющая нарушителю выполнить атаку MitM

CVSS3: 3.7

EPSS: Низкий

ROS-20251030-05

около 1 месяца назад

Множественные уязвимости erlang

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-46712 Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This allows a Man-in-the-Middle attacker to inject these messages in a connection during the handshake. This issue has been patched in versions OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25).	CVSS3: 3.7	0% Низкий	7 месяцев назад
CVE-2025-46712 Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This allows a Man-in-the-Middle attacker to inject these messages in a connection during the handshake. This issue has been patched in versions OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25).	CVSS3: 3.7	0% Низкий	7 месяцев назад
CVE-2025-46712 Erlang/OTP SSH Has Strict KEX Violations	CVSS3: 3.7	0% Низкий	5 месяцев назад
CVE-2025-46712 Erlang/OTP is a set of libraries for the Erlang programming language. ...	CVSS3: 3.7	0% Низкий	7 месяцев назад
BDU:2025-13872 Уязвимость набора библиотек OTP языка программирования Erlang, связанная с нарушением ожидаемого поведения, позволяющая нарушителю выполнить атаку MitM	CVSS3: 3.7	0% Низкий	7 месяцев назад
ROS-20251030-05 Множественные уязвимости erlang	CVSS3: 5.3		около 1 месяца назад

Уязвимостей на страницу