Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-42789 (GCVE-0-2026-42789)
Vulnerability from cvelistv5 – Published: 2026-05-27 12:23 – Updated: 2026-05-27 15:46
VLAI
EPSS
Title
Non-CA certificate accepted as intermediate issuer in public_key path validation
Summary
Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.
In lib/public_key/src/pubkey_cert.erl, pubkey_cert:validate_extensions/7 contains two flaws that together allow a certificate with basicConstraints cA:false and no keyUsage extension to be used as an intermediate issuer in a chain passed to public_key:pkix_path_validation/3: the cA:false clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the keyUsage check only fires when the extension is present, so a certificate lacking keyUsage entirely bypasses the keyCertSign enforcement.
Any party holding an end-entity certificate with basicConstraints cA:false and no keyUsage extension, issued by any CA in the victim's trust store, can use that certificate's private key to sign forged leaf certificates for arbitrary identities. public_key:pkix_path_validation/3 accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP ssl application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.
This issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://github.com/erlang/otp/security/advisories… | vendor-advisoryrelated |
| https://cna.erlef.org/cves/CVE-2026-42789.html | related |
| https://osv.dev/vulnerability/EEF-CVE-2026-42789 | related |
| https://www.erlang.org/doc/system/versions.html#o… | x_version-scheme |
| https://github.com/erlang/otp/commit/471cd2f66430… | patch |
| https://github.com/erlang/otp/commit/59c8d824386b… | patch |
Impacted products
Credits
John Downey
Ingela Anderton Andin
Jakub Witczak
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42789",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-27T15:41:47.903975Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:43:46.333Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"modules": [
"pubkey_cert"
],
"packageName": "public_key",
"packageURL": "pkg:otp/public_key?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp\u0026vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git",
"product": "OTP",
"programFiles": [
"src/pubkey_cert.erl"
],
"programRoutines": [
{
"name": "pubkey_cert:validate_extensions/7"
}
],
"repo": "https://github.com/erlang/otp",
"vendor": "Erlang",
"versions": [
{
"changes": [
{
"at": "1.15.1.7",
"status": "unaffected"
},
{
"at": "1.17.1.3",
"status": "unaffected"
},
{
"at": "1.20.3.1",
"status": "unaffected"
},
{
"at": "1.21.1",
"status": "unaffected"
}
],
"lessThan": "*",
"status": "affected",
"version": "0.22",
"versionType": "otp"
}
]
},
{
"collectionURL": "https://github.com",
"cpes": [
"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"modules": [
"pubkey_cert"
],
"packageName": "erlang/otp",
"packageURL": "pkg:github/erlang/otp",
"product": "OTP",
"programFiles": [
"lib/public_key/src/pubkey_cert.erl"
],
"programRoutines": [
{
"name": "pubkey_cert:validate_extensions/7"
}
],
"repo": "https://github.com/erlang/otp",
"vendor": "Erlang",
"versions": [
{
"changes": [
{
"at": "26.2.5.21",
"status": "unaffected"
},
{
"at": "27.3.4.12",
"status": "unaffected"
},
{
"at": "28.5.0.1",
"status": "unaffected"
},
{
"at": "29.0.1",
"status": "unaffected"
}
],
"lessThan": "*",
"status": "affected",
"version": "17.0",
"versionType": "otp"
},
{
"changes": [
{
"at": "471cd2f664300a95353c467873800bbe706005db",
"status": "unaffected"
},
{
"at": "59c8d824386b2eb1614ff9340624843ef6aca0fd",
"status": "unaffected"
}
],
"lessThan": "*",
"status": "affected",
"version": "84adefa331c4159d432d22840663c38f155cd4c1",
"versionType": "git"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "26.2.5.21",
"versionStartIncluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "27.3.4.12",
"versionStartIncluding": "27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "28.5.0.1",
"versionStartIncluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "29.0.1",
"versionStartIncluding": "29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "John Downey"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Ingela Anderton Andin"
},
{
"lang": "en",
"type": "analyst",
"value": "Jakub Witczak"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Following of a Certificate\u0027s Chain of Trust vulnerability in Erlang OTP \u003ctt\u003epublic_key\u003c/tt\u003e (\u003ctt\u003epubkey_cert\u003c/tt\u003e module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.\u003cp\u003eIn \u003ctt\u003elib/public_key/src/pubkey_cert.erl\u003c/tt\u003e, \u003ctt\u003epubkey_cert:validate_extensions/7\u003c/tt\u003e contains two flaws that together allow a certificate with \u003ctt\u003ebasicConstraints cA:false\u003c/tt\u003e and no \u003ctt\u003ekeyUsage\u003c/tt\u003e extension to be used as an intermediate issuer in a chain passed to \u003ctt\u003epublic_key:pkix_path_validation/3\u003c/tt\u003e: the \u003ctt\u003ecA:false\u003c/tt\u003e clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the \u003ctt\u003ekeyUsage\u003c/tt\u003e check only fires when the extension is present, so a certificate lacking \u003ctt\u003ekeyUsage\u003c/tt\u003e entirely bypasses the \u003ctt\u003ekeyCertSign\u003c/tt\u003e enforcement.\u003c/p\u003e\u003cp\u003eAny party holding an end-entity certificate with \u003ctt\u003ebasicConstraints cA:false\u003c/tt\u003e and no \u003ctt\u003ekeyUsage\u003c/tt\u003e extension, issued by any CA in the victim\u0027s trust store, can use that certificate\u0027s private key to sign forged leaf certificates for arbitrary identities. \u003ctt\u003epublic_key:pkix_path_validation/3\u003c/tt\u003e accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP \u003ctt\u003essl\u003c/tt\u003e application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.\u003c/p\u003e\u003cp\u003eThis issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to \u003ctt\u003epublic_key\u003c/tt\u003e from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.\u003c/p\u003e"
}
],
"value": "Improper Following of a Certificate\u0027s Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.\n\nIn lib/public_key/src/pubkey_cert.erl, pubkey_cert:validate_extensions/7 contains two flaws that together allow a certificate with basicConstraints cA:false and no keyUsage extension to be used as an intermediate issuer in a chain passed to public_key:pkix_path_validation/3: the cA:false clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the keyUsage check only fires when the extension is present, so a certificate lacking keyUsage entirely bypasses the keyCertSign enforcement.\n\nAny party holding an end-entity certificate with basicConstraints cA:false and no keyUsage extension, issued by any CA in the victim\u0027s trust store, can use that certificate\u0027s private key to sign forged leaf certificates for arbitrary identities. public_key:pkix_path_validation/3 accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP ssl application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.\n\nThis issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1."
}
],
"impacts": [
{
"capecId": "CAPEC-475",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-475 Signature Spoofing by Improper Validation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-296",
"description": "CWE-296 Improper Following of a Certificate\u0027s Chain of Trust",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T15:46:57.832Z",
"orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"shortName": "EEF"
},
"references": [
{
"tags": [
"vendor-advisory",
"related"
],
"url": "https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq"
},
{
"tags": [
"related"
],
"url": "https://cna.erlef.org/cves/CVE-2026-42789.html"
},
{
"tags": [
"related"
],
"url": "https://osv.dev/vulnerability/EEF-CVE-2026-42789"
},
{
"tags": [
"x_version-scheme"
],
"url": "https://www.erlang.org/doc/system/versions.html#order-of-versions"
},
{
"tags": [
"patch"
],
"url": "https://github.com/erlang/otp/commit/471cd2f664300a95353c467873800bbe706005db"
},
{
"tags": [
"patch"
],
"url": "https://github.com/erlang/otp/commit/59c8d824386b2eb1614ff9340624843ef6aca0fd"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Non-CA certificate accepted as intermediate issuer in public_key path validation",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The \u003ctt\u003everify_fun\u003c/tt\u003e option in the \u003ctt\u003essl\u003c/tt\u003e or \u003ctt\u003epublic_key\u003c/tt\u003e application can be used to ensure that path validation rejects chains where an intermediate certificate does not have \u003ctt\u003ebasicConstraints cA:true\u003c/tt\u003e."
}
],
"value": "The verify_fun option in the ssl or public_key application can be used to ensure that path validation rejects chains where an intermediate certificate does not have basicConstraints cA:true."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"assignerShortName": "EEF",
"cveId": "CVE-2026-42789",
"datePublished": "2026-05-27T12:23:06.355Z",
"dateReserved": "2026-04-29T18:06:33.251Z",
"dateUpdated": "2026-05-27T15:46:57.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-42789",
"date": "2026-06-13",
"epss": "0.00026",
"percentile": "0.08003"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-42789\",\"sourceIdentifier\":\"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\",\"published\":\"2026-05-27T14:16:53.267\",\"lastModified\":\"2026-06-05T17:16:11.590\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper Following of a Certificate\u0027s Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.\\n\\nIn lib/public_key/src/pubkey_cert.erl, pubkey_cert:validate_extensions/7 contains two flaws that together allow a certificate with basicConstraints cA:false and no keyUsage extension to be used as an intermediate issuer in a chain passed to public_key:pkix_path_validation/3: the cA:false clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the keyUsage check only fires when the extension is present, so a certificate lacking keyUsage entirely bypasses the keyCertSign enforcement.\\n\\nAny party holding an end-entity certificate with basicConstraints cA:false and no keyUsage extension, issued by any CA in the victim\u0027s trust store, can use that certificate\u0027s private key to sign forged leaf certificates for arbitrary identities. public_key:pkix_path_validation/3 accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP ssl application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.\\n\\nThis issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"},{\"lang\":\"en\",\"value\":\"CWE-296\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"26.2.5.21\",\"matchCriteriaId\":\"F25CA266-A367-4D08-8717-0D1A6694DBDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"27.0\",\"versionEndExcluding\":\"27.3.4.12\",\"matchCriteriaId\":\"91269F6D-B8A3-41F2-871C-79EBB9460BE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"28.0\",\"versionEndExcluding\":\"28.5.0.1\",\"matchCriteriaId\":\"844A3F01-AF3C-4C48-81DB-932B803D22C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"29.0\",\"versionEndExcluding\":\"29.0.1\",\"matchCriteriaId\":\"46976598-817C-4E93-AC4B-46434746C25F\"}]}]}],\"references\":[{\"url\":\"https://cna.erlef.org/cves/CVE-2026-42789.html\",\"source\":\"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/erlang/otp/commit/471cd2f664300a95353c467873800bbe706005db\",\"source\":\"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/erlang/otp/commit/59c8d824386b2eb1614ff9340624843ef6aca0fd\",\"source\":\"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq\",\"source\":\"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://osv.dev/vulnerability/EEF-CVE-2026-42789\",\"source\":\"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.erlang.org/doc/system/versions.html#order-of-versions\",\"source\":\"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\",\"tags\":[\"Product\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-42789\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-27T15:41:47.903975Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-27T15:43:29.627Z\"}}], \"cna\": {\"title\": \"Non-CA certificate accepted as intermediate issuer in public_key path validation\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"John Downey\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Ingela Anderton Andin\"}, {\"lang\": \"en\", \"type\": \"analyst\", \"value\": \"Jakub Witczak\"}], \"impacts\": [{\"capecId\": \"CAPEC-475\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-475 Signature Spoofing by Improper Validation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\"], \"repo\": \"https://github.com/erlang/otp\", \"vendor\": \"Erlang\", \"modules\": [\"pubkey_cert\"], \"product\": \"OTP\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"1.15.1.7\", \"status\": \"unaffected\"}, {\"at\": \"1.17.1.3\", \"status\": \"unaffected\"}, {\"at\": \"1.20.3.1\", \"status\": \"unaffected\"}, {\"at\": \"1.21.1\", \"status\": \"unaffected\"}], \"version\": \"0.22\", \"lessThan\": \"*\", \"versionType\": \"otp\"}], \"packageURL\": \"pkg:otp/public_key?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp\u0026vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git\", \"packageName\": \"public_key\", \"programFiles\": [\"src/pubkey_cert.erl\"], \"defaultStatus\": \"unknown\", \"programRoutines\": [{\"name\": \"pubkey_cert:validate_extensions/7\"}]}, {\"cpes\": [\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\"], \"repo\": \"https://github.com/erlang/otp\", \"vendor\": \"Erlang\", \"modules\": [\"pubkey_cert\"], \"product\": \"OTP\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"26.2.5.21\", \"status\": \"unaffected\"}, {\"at\": \"27.3.4.12\", \"status\": \"unaffected\"}, {\"at\": \"28.5.0.1\", \"status\": \"unaffected\"}, {\"at\": \"29.0.1\", \"status\": \"unaffected\"}], \"version\": \"17.0\", \"lessThan\": \"*\", \"versionType\": \"otp\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"471cd2f664300a95353c467873800bbe706005db\", \"status\": \"unaffected\"}, {\"at\": \"59c8d824386b2eb1614ff9340624843ef6aca0fd\", \"status\": \"unaffected\"}], \"version\": \"84adefa331c4159d432d22840663c38f155cd4c1\", \"lessThan\": \"*\", \"versionType\": \"git\"}], \"packageURL\": \"pkg:github/erlang/otp\", \"packageName\": \"erlang/otp\", \"programFiles\": [\"lib/public_key/src/pubkey_cert.erl\"], \"collectionURL\": \"https://github.com\", \"defaultStatus\": \"unknown\", \"programRoutines\": [{\"name\": \"pubkey_cert:validate_extensions/7\"}]}], \"references\": [{\"url\": \"https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq\", \"tags\": [\"vendor-advisory\", \"related\"]}, {\"url\": \"https://cna.erlef.org/cves/CVE-2026-42789.html\", \"tags\": [\"related\"]}, {\"url\": \"https://osv.dev/vulnerability/EEF-CVE-2026-42789\", \"tags\": [\"related\"]}, {\"url\": \"https://www.erlang.org/doc/system/versions.html#order-of-versions\", \"tags\": [\"x_version-scheme\"]}, {\"url\": \"https://github.com/erlang/otp/commit/471cd2f664300a95353c467873800bbe706005db\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/erlang/otp/commit/59c8d824386b2eb1614ff9340624843ef6aca0fd\", \"tags\": [\"patch\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"The verify_fun option in the ssl or public_key application can be used to ensure that path validation rejects chains where an intermediate certificate does not have basicConstraints cA:true.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The \u003ctt\u003everify_fun\u003c/tt\u003e option in the \u003ctt\u003essl\u003c/tt\u003e or \u003ctt\u003epublic_key\u003c/tt\u003e application can be used to ensure that path validation rejects chains where an intermediate certificate does not have \u003ctt\u003ebasicConstraints cA:true\u003c/tt\u003e.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper Following of a Certificate\u0027s Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.\\n\\nIn lib/public_key/src/pubkey_cert.erl, pubkey_cert:validate_extensions/7 contains two flaws that together allow a certificate with basicConstraints cA:false and no keyUsage extension to be used as an intermediate issuer in a chain passed to public_key:pkix_path_validation/3: the cA:false clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the keyUsage check only fires when the extension is present, so a certificate lacking keyUsage entirely bypasses the keyCertSign enforcement.\\n\\nAny party holding an end-entity certificate with basicConstraints cA:false and no keyUsage extension, issued by any CA in the victim\u0027s trust store, can use that certificate\u0027s private key to sign forged leaf certificates for arbitrary identities. public_key:pkix_path_validation/3 accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP ssl application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.\\n\\nThis issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper Following of a Certificate\u0027s Chain of Trust vulnerability in Erlang OTP \u003ctt\u003epublic_key\u003c/tt\u003e (\u003ctt\u003epubkey_cert\u003c/tt\u003e module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.\u003cp\u003eIn \u003ctt\u003elib/public_key/src/pubkey_cert.erl\u003c/tt\u003e, \u003ctt\u003epubkey_cert:validate_extensions/7\u003c/tt\u003e contains two flaws that together allow a certificate with \u003ctt\u003ebasicConstraints cA:false\u003c/tt\u003e and no \u003ctt\u003ekeyUsage\u003c/tt\u003e extension to be used as an intermediate issuer in a chain passed to \u003ctt\u003epublic_key:pkix_path_validation/3\u003c/tt\u003e: the \u003ctt\u003ecA:false\u003c/tt\u003e clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the \u003ctt\u003ekeyUsage\u003c/tt\u003e check only fires when the extension is present, so a certificate lacking \u003ctt\u003ekeyUsage\u003c/tt\u003e entirely bypasses the \u003ctt\u003ekeyCertSign\u003c/tt\u003e enforcement.\u003c/p\u003e\u003cp\u003eAny party holding an end-entity certificate with \u003ctt\u003ebasicConstraints cA:false\u003c/tt\u003e and no \u003ctt\u003ekeyUsage\u003c/tt\u003e extension, issued by any CA in the victim\u0027s trust store, can use that certificate\u0027s private key to sign forged leaf certificates for arbitrary identities. \u003ctt\u003epublic_key:pkix_path_validation/3\u003c/tt\u003e accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP \u003ctt\u003essl\u003c/tt\u003e application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.\u003c/p\u003e\u003cp\u003eThis issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to \u003ctt\u003epublic_key\u003c/tt\u003e from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-295\", \"description\": \"CWE-295 Improper Certificate Validation\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-296\", \"description\": \"CWE-296 Improper Following of a Certificate\u0027s Chain of Trust\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"26.2.5.21\", \"versionStartIncluding\": \"17.0\"}, {\"criteria\": \"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"27.3.4.12\", \"versionStartIncluding\": \"27.0\"}, {\"criteria\": \"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"28.5.0.1\", \"versionStartIncluding\": \"28.0\"}, {\"criteria\": \"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"29.0.1\", \"versionStartIncluding\": \"29.0\"}], \"operator\": \"OR\"}], \"operator\": \"AND\"}], \"providerMetadata\": {\"orgId\": \"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\", \"shortName\": \"EEF\", \"dateUpdated\": \"2026-05-27T15:46:57.832Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-42789\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-27T15:46:57.832Z\", \"dateReserved\": \"2026-04-29T18:06:33.251Z\", \"assignerOrgId\": \"6b3ad84c-e1a6-4bf7-a703-f496b71e49db\", \"datePublished\": \"2026-05-27T12:23:06.355Z\", \"assignerShortName\": \"EEF\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0731
Vulnerability from certfr_avis - Published: 2026-06-10 - Updated: 2026-06-10
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | Nuance PowerScribe One version 2019.8 antérieures à 2019.8.43.19 | ||
| Microsoft | N/A | PowerScribe One version 2023.1 SP2 Patch 11 antérieures à 2023.2.3054 | ||
| Microsoft | N/A | Nuance PowerScribe 360 version 4.0.3 antérieures à 7.0.197.10 | ||
| Microsoft | N/A | Nuance PowerScribe One version 2019.1 antérieures à 2019.1.96.6 | ||
| Microsoft | N/A | Nuance PowerScribe 360 version 4.0.8 antérieures à 7.0.427.15 | ||
| Microsoft | N/A | Microsoft Visual Studio 2026 version 18.6 antérieures à 18.6.3 | ||
| Microsoft | N/A | Microsoft SharePoint Server 2019 versions antérieures à 16.0.10417.20153 | ||
| Microsoft | N/A | PowerScribe One version 2023.1 SP3 Patch 6 antérieures à 2023.3.9072 | ||
| Microsoft | N/A | Microsoft PowerToys versions antérieures à v0.99.1 | ||
| Microsoft | N/A | azl3 httpd 2.4.67-1 versions antérieures à 2.4.68-1 | ||
| Microsoft | N/A | Visual Studio Code - MSSQL Extension versions antérieures à 1.123.1 | ||
| Microsoft | N/A | Nuance PowerScribe One version 2019.3 antérieures à 2019.3.16.21 | ||
| Microsoft | N/A | Nuance PowerScribe One version 2019.5 antérieures à 2019.5.14.40 | ||
| Microsoft | N/A | Nuance PowerScribe 360 version 4.0.4 antérieures à 7.0.212.10 | ||
| Microsoft | N/A | Microsoft Live Share Canvas SDK versions antérieures à 1.4.2 | ||
| Microsoft | N/A | Microsoft SharePoint Enterprise Server 2016 versions antérieures à 16.0.5556.1005 | ||
| Microsoft | N/A | Microsoft Exchange Server 2019 Cumulative Update 14 versions antérieures à 15.02.1544.041 | ||
| Microsoft | N/A | azl3 erlang 26.2.5.20-1 versions antérieures à 26.2.5.21-1 | ||
| Microsoft | N/A | azl3 libinput 1.25.0-1 versions antérieures à 1.25.0-2 | ||
| Microsoft | N/A | Nuance PowerScribe One version 2019.10 antérieures à 2019.10.36.14 | ||
| Microsoft | N/A | Microsoft Dynamics 365 (on-premises) version 9.1 antérieures à 9.1 Train 26062 (06.2) | ||
| Microsoft | N/A | Nuance PowerScribe One version 2019.6 antérieures à 2019.6.36.40 | ||
| Microsoft | N/A | Nuance PowerScribe One version 2019.2 antérieures à 2019.2.9.11 | ||
| Microsoft | N/A | Visual Studio Code versions antérieures à 1.123.1 | ||
| Microsoft | N/A | azl3 docker-buildx 0.14.0-13 versions antérieures à 0.14.0-15 | ||
| Microsoft | N/A | Nuance PowerScribe One version 2019.7 antérieures à 2019.7.107.26 | ||
| Microsoft | N/A | Microsoft PC Manager versions antérieures à 3.21.6.0 | ||
| Microsoft | N/A | Nuance PowerScribe 360 version 4.0.5 antérieures à 7.0.243.19 | ||
| Microsoft | N/A | azl3 docker-compose 2.27.0-11 versions antérieures à 2.27.0-13 | ||
| Microsoft | N/A | Microsoft SharePoint Server Subscription Edition versions antérieures à 16.0.19725.20384 | ||
| Microsoft | N/A | Nuance PowerScribe One version 2019.4 antérieures à 2019.4.9.17 | ||
| Microsoft | N/A | Microsoft Visual Studio Code CoPilot Chat Extension versions antérieures à 1.123.1 | ||
| Microsoft | N/A | Nuance PowerScribe 360 4.0 versions antérieures à 7.0.11.49 | ||
| Microsoft | N/A | Visual Studio Code versions antérieures à 1.119.1 | ||
| Microsoft | N/A | azl3 packer 1.9.5-15 versions antérieures à 1.9.5-16 | ||
| Microsoft | N/A | Nuance PowerScribe One version 2019.9 antérieures à 2019.9.31.23 | ||
| Microsoft | N/A | Linux kernel - Microsoft MANA Network Driver versions antérieures à 7.1 | ||
| Microsoft | N/A | azl3 kernel 6.6.139.1-1 versions antérieures à 6.6.141.1-1 | ||
| Microsoft | N/A | Microsoft Bing Search pour Android versions antérieures à 33.3 | ||
| Microsoft | N/A | Microsoft Defender pour Endpoint pour Mac versions antérieures à 101.26042.0011 | ||
| Microsoft | N/A | azl3 perl 5.38.2-509 versions antérieures à 5.38.2-510 | ||
| Microsoft | N/A | azl3 freeipmi 1.6.17-1 versions antérieures à 1.6.18-1 | ||
| Microsoft | N/A | Nuance PowerScribe 360 version 4.0.1 antérieures à 7.0.111.68 | ||
| Microsoft | N/A | Microsoft Exchange Server Subscription Edition RTM versions antérieures à 15.02.2562.043 | ||
| Microsoft | N/A | Microsoft Teams pour Android versions antérieures à 1.0.76.2026111302 | ||
| Microsoft | N/A | Nuance PowerScribe 360 version 4.0.6 antérieures à 7.0.277.28 | ||
| Microsoft | N/A | Nuance PowerScribe 360 version 4.0.7 antérieures à 7.0.316.12 | ||
| Microsoft | N/A | Microsoft Exchange Server 2019 Cumulative Update 15 versions antérieures à 15.02.1748.046 | ||
| Microsoft | N/A | Nuance PowerScribe 360 version 4.0.9 antérieures à 7.0.528.24 | ||
| Microsoft | N/A | Microsoft Exchange Server 2016 Cumulative Update 23 versions antérieures à 15.01.2507.069 | ||
| Microsoft | N/A | Nuance PowerScribe 360 version 4.0.2 antérieures à 7.0.154.18 | ||
| Microsoft | N/A | Microsoft SharePoint Enterprise Server 2016 versions antérieures à 16.0.5556.1002 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nuance PowerScribe One version 2019.8 ant\u00e9rieures \u00e0 2019.8.43.19",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "PowerScribe One version 2023.1 SP2 Patch 11 ant\u00e9rieures \u00e0 2023.2.3054",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe 360 version 4.0.3 ant\u00e9rieures \u00e0 7.0.197.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe One version 2019.1 ant\u00e9rieures \u00e0 2019.1.96.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe 360 version 4.0.8 ant\u00e9rieures \u00e0 7.0.427.15",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2026 version 18.6 ant\u00e9rieures \u00e0 18.6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Server 2019 versions ant\u00e9rieures \u00e0 16.0.10417.20153",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "PowerScribe One version 2023.1 SP3 Patch 6 ant\u00e9rieures \u00e0 2023.3.9072",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft PowerToys versions ant\u00e9rieures \u00e0 v0.99.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 httpd 2.4.67-1 versions ant\u00e9rieures \u00e0 2.4.68-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Visual Studio Code - MSSQL Extension versions ant\u00e9rieures \u00e0 1.123.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe One version 2019.3 ant\u00e9rieures \u00e0 2019.3.16.21",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe One version 2019.5 ant\u00e9rieures \u00e0 2019.5.14.40",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe 360 version 4.0.4 ant\u00e9rieures \u00e0 7.0.212.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Live Share Canvas SDK versions ant\u00e9rieures \u00e0 1.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Enterprise Server 2016 versions ant\u00e9rieures \u00e0 16.0.5556.1005",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2019 Cumulative Update 14 versions ant\u00e9rieures \u00e0 15.02.1544.041",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 erlang 26.2.5.20-1 versions ant\u00e9rieures \u00e0 26.2.5.21-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 libinput 1.25.0-1 versions ant\u00e9rieures \u00e0 1.25.0-2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe One version 2019.10 ant\u00e9rieures \u00e0 2019.10.36.14",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Dynamics 365 (on-premises) version 9.1 ant\u00e9rieures \u00e0 9.1 Train 26062 (06.2)",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe One version 2019.6 ant\u00e9rieures \u00e0 2019.6.36.40",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe One version 2019.2 ant\u00e9rieures \u00e0 2019.2.9.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Visual Studio Code versions ant\u00e9rieures \u00e0 1.123.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 docker-buildx 0.14.0-13 versions ant\u00e9rieures \u00e0 0.14.0-15",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe One version 2019.7 ant\u00e9rieures \u00e0 2019.7.107.26",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft PC Manager versions ant\u00e9rieures \u00e0 3.21.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe 360 version 4.0.5 ant\u00e9rieures \u00e0 7.0.243.19",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 docker-compose 2.27.0-11 versions ant\u00e9rieures \u00e0 2.27.0-13",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Server Subscription Edition versions ant\u00e9rieures \u00e0 16.0.19725.20384",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe One version 2019.4 ant\u00e9rieures \u00e0 2019.4.9.17",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio Code CoPilot Chat Extension versions ant\u00e9rieures \u00e0 1.123.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe 360 4.0 versions ant\u00e9rieures \u00e0 7.0.11.49",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Visual Studio Code versions ant\u00e9rieures \u00e0 1.119.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 packer 1.9.5-15 versions ant\u00e9rieures \u00e0 1.9.5-16",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe One version 2019.9 ant\u00e9rieures \u00e0 2019.9.31.23",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Linux kernel - Microsoft MANA Network Driver versions ant\u00e9rieures \u00e0 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 kernel 6.6.139.1-1 versions ant\u00e9rieures \u00e0 6.6.141.1-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Bing Search pour Android versions ant\u00e9rieures \u00e0 33.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Defender pour Endpoint pour Mac versions ant\u00e9rieures \u00e0 101.26042.0011",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 perl 5.38.2-509 versions ant\u00e9rieures \u00e0 5.38.2-510",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 freeipmi 1.6.17-1 versions ant\u00e9rieures \u00e0 1.6.18-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe 360 version 4.0.1 ant\u00e9rieures \u00e0 7.0.111.68",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server Subscription Edition RTM versions ant\u00e9rieures \u00e0 15.02.2562.043",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Teams pour Android versions ant\u00e9rieures \u00e0 1.0.76.2026111302",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe 360 version 4.0.6 ant\u00e9rieures \u00e0 7.0.277.28",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe 360 version 4.0.7 ant\u00e9rieures \u00e0 7.0.316.12",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2019 Cumulative Update 15 versions ant\u00e9rieures \u00e0 15.02.1748.046",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe 360 version 4.0.9 ant\u00e9rieures \u00e0 7.0.528.24",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2016 Cumulative Update 23 versions ant\u00e9rieures \u00e0 15.01.2507.069",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Nuance PowerScribe 360 version 4.0.2 ant\u00e9rieures \u00e0 7.0.154.18",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Enterprise Server 2016 versions ant\u00e9rieures \u00e0 16.0.5556.1002",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-45842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45842"
},
{
"name": "CVE-2026-42902",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42902"
},
{
"name": "CVE-2026-46119",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46119"
},
{
"name": "CVE-2026-42789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42789"
},
{
"name": "CVE-2026-47639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47639"
},
{
"name": "CVE-2026-45845",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45845"
},
{
"name": "CVE-2026-46124",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46124"
},
{
"name": "CVE-2026-46082",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46082"
},
{
"name": "CVE-2026-45464",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45464"
},
{
"name": "CVE-2026-46065",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46065"
},
{
"name": "CVE-2026-46227",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46227"
},
{
"name": "CVE-2026-47631",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47631"
},
{
"name": "CVE-2026-42496",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42496"
},
{
"name": "CVE-2026-46185",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46185"
},
{
"name": "CVE-2026-46064",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46064"
},
{
"name": "CVE-2026-45988",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45988"
},
{
"name": "CVE-2026-46112",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46112"
},
{
"name": "CVE-2026-46196",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46196"
},
{
"name": "CVE-2026-42790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42790"
},
{
"name": "CVE-2026-46063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46063"
},
{
"name": "CVE-2026-45583",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45583"
},
{
"name": "CVE-2026-45500",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45500"
},
{
"name": "CVE-2026-39833",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39833"
},
{
"name": "CVE-2026-46233",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46233"
},
{
"name": "CVE-2026-45504",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45504"
},
{
"name": "CVE-2026-47292",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47292"
},
{
"name": "CVE-2026-46114",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46114"
},
{
"name": "CVE-2026-45650",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45650"
},
{
"name": "CVE-2026-46080",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46080"
},
{
"name": "CVE-2026-46231",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46231"
},
{
"name": "CVE-2026-45835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45835"
},
{
"name": "CVE-2026-45996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45996"
},
{
"name": "CVE-2026-46229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46229"
},
{
"name": "CVE-2026-46019",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46019"
},
{
"name": "CVE-2026-46173",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46173"
},
{
"name": "CVE-2026-46195",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46195"
},
{
"name": "CVE-2026-46204",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46204"
},
{
"name": "CVE-2026-46214",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46214"
},
{
"name": "CVE-2026-45647",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45647"
},
{
"name": "CVE-2025-15649",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15649"
},
{
"name": "CVE-2026-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48560"
},
{
"name": "CVE-2026-45502",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45502"
},
{
"name": "CVE-2026-46027",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46027"
},
{
"name": "CVE-2026-45591",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45591"
},
{
"name": "CVE-2026-46040",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46040"
},
{
"name": "CVE-2026-46236",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46236"
},
{
"name": "CVE-2026-45481",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45481"
},
{
"name": "CVE-2026-46113",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46113"
},
{
"name": "CVE-2026-46137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46137"
},
{
"name": "CVE-2026-45841",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45841"
},
{
"name": "CVE-2026-46072",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46072"
},
{
"name": "CVE-2026-46159",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46159"
},
{
"name": "CVE-2026-46190",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46190"
},
{
"name": "CVE-2026-46142",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46142"
},
{
"name": "CVE-2026-47634",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47634"
},
{
"name": "CVE-2026-45468",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45468"
},
{
"name": "CVE-2026-50292",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50292"
},
{
"name": "CVE-2026-42835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42835"
},
{
"name": "CVE-2026-46209",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46209"
},
{
"name": "CVE-2026-46031",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46031"
},
{
"name": "CVE-2026-46186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46186"
},
{
"name": "CVE-2026-46002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46002"
},
{
"name": "CVE-2026-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43503"
},
{
"name": "CVE-2026-46101",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46101"
},
{
"name": "CVE-2026-46099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46099"
},
{
"name": "CVE-2026-45989",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45989"
},
{
"name": "CVE-2026-46091",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46091"
},
{
"name": "CVE-2026-46024",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46024"
},
{
"name": "CVE-2026-46106",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46106"
},
{
"name": "CVE-2026-46037",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46037"
},
{
"name": "CVE-2026-46116",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46116"
},
{
"name": "CVE-2026-46083",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46083"
},
{
"name": "CVE-2026-46151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46151"
},
{
"name": "CVE-2026-46220",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46220"
},
{
"name": "CVE-2026-46127",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46127"
},
{
"name": "CVE-2026-46176",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46176"
},
{
"name": "CVE-2026-46146",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46146"
},
{
"name": "CVE-2026-45836",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45836"
},
{
"name": "CVE-2026-46178",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46178"
},
{
"name": "CVE-2026-45846",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45846"
},
{
"name": "CVE-2026-46133",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46133"
},
{
"name": "CVE-2026-46005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46005"
},
{
"name": "CVE-2026-40371",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40371"
},
{
"name": "CVE-2026-46069",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46069"
},
{
"name": "CVE-2026-47298",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47298"
},
{
"name": "CVE-2026-46122",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46122"
},
{
"name": "CVE-2026-47637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47637"
},
{
"name": "CVE-2026-46022",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46022"
},
{
"name": "CVE-2026-46103",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46103"
},
{
"name": "CVE-2026-46226",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46226"
},
{
"name": "CVE-2026-46043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46043"
},
{
"name": "CVE-2026-46120",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46120"
},
{
"name": "CVE-2026-46198",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46198"
},
{
"name": "CVE-2026-49975",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49975"
},
{
"name": "CVE-2026-46189",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46189"
},
{
"name": "CVE-2026-46011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46011"
},
{
"name": "CVE-2026-46128",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46128"
},
{
"name": "CVE-2026-45503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45503"
},
{
"name": "CVE-2026-46012",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46012"
},
{
"name": "CVE-2026-45479",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45479"
},
{
"name": "CVE-2026-46197",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46197"
},
{
"name": "CVE-2026-45467",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45467"
},
{
"name": "CVE-2026-45999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45999"
},
{
"name": "CVE-2026-46180",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46180"
},
{
"name": "CVE-2026-46038",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46038"
},
{
"name": "CVE-2026-48962",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48962"
},
{
"name": "CVE-2026-46206",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46206"
},
{
"name": "CVE-2026-46000",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46000"
},
{
"name": "CVE-2026-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46234"
},
{
"name": "CVE-2026-46109",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46109"
},
{
"name": "CVE-2026-46062",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46062"
},
{
"name": "CVE-2026-46108",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46108"
},
{
"name": "CVE-2026-46049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46049"
},
{
"name": "CVE-2026-45458",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45458"
},
{
"name": "CVE-2026-47640",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47640"
},
{
"name": "CVE-2026-45997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45997"
},
{
"name": "CVE-2026-46070",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46070"
},
{
"name": "CVE-2026-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46150"
},
{
"name": "CVE-2026-44819",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44819"
},
{
"name": "CVE-2026-45840",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45840"
},
{
"name": "CVE-2026-45484",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45484"
},
{
"name": "CVE-2026-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
},
{
"name": "CVE-2026-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46219"
},
{
"name": "CVE-2026-46172",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46172"
},
{
"name": "CVE-2026-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45993"
},
{
"name": "CVE-2026-46161",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46161"
},
{
"name": "CVE-2026-46026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46026"
},
{
"name": "CVE-2026-45844",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45844"
},
{
"name": "CVE-2026-46110",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46110"
},
{
"name": "CVE-2026-48562",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48562"
},
{
"name": "CVE-2026-45998",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45998"
},
{
"name": "CVE-2026-44821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44821"
},
{
"name": "CVE-2026-47284",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47284"
},
{
"name": "CVE-2026-46111",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46111"
},
{
"name": "CVE-2026-46018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46018"
},
{
"name": "CVE-2026-45991",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45991"
},
{
"name": "CVE-2026-46046",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46046"
},
{
"name": "CVE-2026-46145",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46145"
},
{
"name": "CVE-2026-46156",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46156"
},
{
"name": "CVE-2026-45476",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45476"
},
{
"name": "CVE-2026-46125",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46125"
},
{
"name": "CVE-2026-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46152"
},
{
"name": "CVE-2026-45482",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45482"
},
{
"name": "CVE-2026-46075",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46075"
},
{
"name": "CVE-2026-46167",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46167"
},
{
"name": "CVE-2026-46191",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46191"
},
{
"name": "CVE-2026-26142",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26142"
},
{
"name": "CVE-2026-48959",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48959"
},
{
"name": "CVE-2026-33113",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33113"
},
{
"name": "CVE-2026-46129",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46129"
},
{
"name": "CVE-2026-46006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46006"
},
{
"name": "CVE-2026-49161",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49161"
},
{
"name": "CVE-2026-45843",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45843"
},
{
"name": "CVE-2026-46115",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46115"
},
{
"name": "CVE-2026-46016",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46016"
},
{
"name": "CVE-2026-46015",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46015"
},
{
"name": "CVE-2026-45485",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45485"
},
{
"name": "CVE-2026-46136",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46136"
},
{
"name": "CVE-2026-46068",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46068"
},
{
"name": "CVE-2026-46056",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46056"
},
{
"name": "CVE-2026-46230",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46230"
},
{
"name": "CVE-2026-46138",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46138"
},
{
"name": "CVE-2026-46225",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46225"
},
{
"name": "CVE-2026-46004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46004"
},
{
"name": "CVE-2026-46086",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46086"
},
{
"name": "CVE-2026-46094",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46094"
},
{
"name": "CVE-2026-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46149"
},
{
"name": "CVE-2026-46208",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46208"
},
{
"name": "CVE-2026-45483",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45483"
},
{
"name": "CVE-2026-46205",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46205"
},
{
"name": "CVE-2026-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46218"
},
{
"name": "CVE-2026-45456",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45456"
},
{
"name": "CVE-2026-46132",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46132"
},
{
"name": "CVE-2026-46160",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46160"
},
{
"name": "CVE-2026-46177",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46177"
},
{
"name": "CVE-2026-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47287"
},
{
"name": "CVE-2026-46131",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46131"
},
{
"name": "CVE-2026-46084",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46084"
},
{
"name": "CVE-2026-46079",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46079"
},
{
"name": "CVE-2026-45471",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45471"
},
{
"name": "CVE-2026-50512",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50512"
},
{
"name": "CVE-2026-45501",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45501"
},
{
"name": "CVE-2026-46085",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46085"
},
{
"name": "CVE-2026-47638",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47638"
},
{
"name": "CVE-2026-47636",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47636"
},
{
"name": "CVE-2026-46021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46021"
},
{
"name": "CVE-2026-45465",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45465"
},
{
"name": "CVE-2026-48569",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48569"
},
{
"name": "CVE-2026-45462",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45462"
},
{
"name": "CVE-2026-46107",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46107"
},
{
"name": "CVE-2026-46047",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46047"
},
{
"name": "CVE-2026-46273",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46273"
},
{
"name": "CVE-2026-40376",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40376"
},
{
"name": "CVE-2026-45994",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45994"
},
{
"name": "CVE-2026-44824",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44824"
},
{
"name": "CVE-2026-46163",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46163"
},
{
"name": "CVE-2026-46164",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46164"
},
{
"name": "CVE-2026-45838",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45838"
},
{
"name": "CVE-2026-45454",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45454"
},
{
"name": "CVE-2026-45453",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45453"
},
{
"name": "CVE-2026-46077",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46077"
},
{
"name": "CVE-2026-46187",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46187"
},
{
"name": "CVE-2026-46168",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46168"
},
{
"name": "CVE-2026-45986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45986"
},
{
"name": "CVE-2026-45987",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45987"
},
{
"name": "CVE-2026-45644",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45644"
},
{
"name": "CVE-2026-46050",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46050"
},
{
"name": "CVE-2026-46003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46003"
},
{
"name": "CVE-2026-46009",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46009"
},
{
"name": "CVE-2026-46144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46144"
},
{
"name": "CVE-2026-46023",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46023"
},
{
"name": "CVE-2026-47641",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47641"
},
{
"name": "CVE-2026-46193",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46193"
},
{
"name": "CVE-2026-46033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46033"
},
{
"name": "CVE-2026-46212",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46212"
},
{
"name": "CVE-2026-50031",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50031"
},
{
"name": "CVE-2026-45834",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45834"
},
{
"name": "CVE-2026-46089",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46089"
},
{
"name": "CVE-2026-50511",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50511"
},
{
"name": "CVE-2026-46199",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46199"
},
{
"name": "CVE-2026-46123",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46123"
},
{
"name": "CVE-2026-46098",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46098"
},
{
"name": "CVE-2026-47281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47281"
},
{
"name": "CVE-2026-46165",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46165"
},
{
"name": "CVE-2026-46052",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46052"
},
{
"name": "CVE-2026-46053",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46053"
},
{
"name": "CVE-2026-45475",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45475"
},
{
"name": "CVE-2026-46238",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46238"
},
{
"name": "CVE-2026-46051",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46051"
},
{
"name": "CVE-2026-46155",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46155"
},
{
"name": "CVE-2026-45839",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45839"
},
{
"name": "CVE-2026-46088",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46088"
},
{
"name": "CVE-2026-46048",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46048"
},
{
"name": "CVE-2026-46102",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46102"
},
{
"name": "CVE-2026-46078",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46078"
},
{
"name": "CVE-2026-46058",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46058"
}
],
"initial_release_date": "2026-06-10T00:00:00",
"last_revision_date": "2026-06-10T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0731",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46231",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46231"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46018",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46018"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45845",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45845"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46226",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46226"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46088",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46088"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46050",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46050"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46173",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46173"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46062",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46062"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46167",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46167"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46070",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46070"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47638",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47638"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46132",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46132"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45465",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45465"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46037",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46037"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45454",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45454"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45838",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45838"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46009",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46009"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-48569",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48569"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46185",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46185"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46098",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46098"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46187",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46187"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46026",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46026"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46177",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46177"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46124",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46124"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46005",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46005"
},
{
"published_at": "2026-05-31",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-42789",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42789"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46150",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46150"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46079",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46079"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46163",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46163"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46137",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46137"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46220",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46220"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46172",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46172"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45840",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45840"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46040",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46040"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46002",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46002"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46138",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46138"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45500",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45500"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-42902",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42902"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46219",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46219"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45835",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45835"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46238",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46238"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45476",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45476"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46015",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46015"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45834",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45834"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46111",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46111"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46212",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46212"
},
{
"published_at": "2026-05-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-39833",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-39833"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46038",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46038"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46024",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46024"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46176",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46176"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46196",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46196"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46214",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46214"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46103",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46103"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45462",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45462"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46077",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46077"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46234",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46234"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47640",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47640"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46131",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46131"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46120",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46120"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47639",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47639"
},
{
"published_at": "2026-05-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46300",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46300"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45846",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45846"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46043",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46043"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46225",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46225"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47292",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47292"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46195",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46195"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46191",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46191"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46149",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46149"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45481",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45481"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-48562",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48562"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46193",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46193"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45591",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45591"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47637",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47637"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45479",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45479"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45583",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45583"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46115",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46115"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46161",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46161"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46027",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46027"
},
{
"published_at": "2026-06-02",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-48959",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48959"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45467",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45467"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45475",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45475"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46133",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46133"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45989",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45989"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47298",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47298"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46064",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46064"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46046",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46046"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46102",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46102"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45844",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45844"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46006",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46006"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46236",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46236"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45650",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45650"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46065",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46065"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47636",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47636"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46012",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46012"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46209",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46209"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46136",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46136"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45996",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45996"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46146",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46146"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46094",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46094"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33113",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33113"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45998",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45998"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46108",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46108"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46101",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46101"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46058",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46058"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45503",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45503"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-44821",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44821"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-42496",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42496"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46085",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46085"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46165",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46165"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-49161",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49161"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46049",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46049"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46031",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46031"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46047",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46047"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47281",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47281"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46089",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46089"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47284",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47284"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45468",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45468"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-40371",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40371"
},
{
"published_at": "2026-05-31",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-48962",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48962"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-49975",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49975"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45483",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45483"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-44824",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44824"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45997",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45997"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46227",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46227"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47287",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47287"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45987",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45987"
},
{
"published_at": "2026-05-31",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-42790",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42790"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26142",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26142"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46129",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46129"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45994",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45994"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45484",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45484"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45647",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45647"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46114",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46114"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46075",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46075"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45842",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45842"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45836",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45836"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45841",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45841"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46230",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46230"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45843",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45843"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46086",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46086"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47634",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47634"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46000",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46000"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45999",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45999"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46123",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46123"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46205",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46205"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-50511",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50511"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45485",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45485"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47641",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47641"
},
{
"published_at": "2026-06-06",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-50292",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50292"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46052",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46052"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46178",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46178"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46068",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46068"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46107",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46107"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46033",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46033"
},
{
"published_at": "2026-06-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46273",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46273"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46160",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46160"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46190",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46190"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46011",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46011"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46113",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46113"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46016",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46016"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46233",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46233"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46199",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46199"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45456",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45456"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-50512",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50512"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46156",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46156"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46145",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46145"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46072",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46072"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46051",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46051"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46164",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46164"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46056",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46056"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46109",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46109"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46204",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46204"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46152",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46152"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46197",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46197"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46189",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46189"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46125",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46125"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46144",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46144"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46078",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46078"
},
{
"published_at": "2026-05-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-43503",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-43503"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45464",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45464"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46159",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46159"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45839",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45839"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45502",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45502"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46048",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46048"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46116",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46116"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45471",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45471"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45986",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45986"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45453",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45453"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46019",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46019"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46142",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46142"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45458",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45458"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45482",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45482"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-48560",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48560"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46208",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46208"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45993",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45993"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46229",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46229"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46155",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46155"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46022",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46022"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46110",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46110"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45991",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45991"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46003",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46003"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46128",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46128"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46106",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46106"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-42835",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42835"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45988",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45988"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45501",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45501"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46063",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46063"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46168",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46168"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46021"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46091",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46091"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46218",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46218"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46206",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46206"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46119",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46119"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46084",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46084"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46127",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46127"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46186",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46186"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46198",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46198"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46151",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46151"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46082",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46082"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-40376",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40376"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45504",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45504"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46004",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46004"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46083",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46083"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46099",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46099"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-47631",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47631"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46053",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46053"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-44819",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44819"
},
{
"published_at": "2026-06-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-50031",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50031"
},
{
"published_at": "2026-05-31",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-15649",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-15649"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46122",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46122"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46080",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46080"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46023",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46023"
},
{
"published_at": "2026-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-45644",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45644"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46112",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46112"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46069",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46069"
},
{
"published_at": "2026-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-46180",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46180"
}
]
}
FKIE_CVE-2026-42789
Vulnerability from fkie_nvd - Published: 2026-05-27 14:16 - Updated: 2026-06-05 17:16
Severity
Summary
Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.
In lib/public_key/src/pubkey_cert.erl, pubkey_cert:validate_extensions/7 contains two flaws that together allow a certificate with basicConstraints cA:false and no keyUsage extension to be used as an intermediate issuer in a chain passed to public_key:pkix_path_validation/3: the cA:false clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the keyUsage check only fires when the extension is present, so a certificate lacking keyUsage entirely bypasses the keyCertSign enforcement.
Any party holding an end-entity certificate with basicConstraints cA:false and no keyUsage extension, issued by any CA in the victim's trust store, can use that certificate's private key to sign forged leaf certificates for arbitrary identities. public_key:pkix_path_validation/3 accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP ssl application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.
This issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.
References
| URL | Tags | ||
|---|---|---|---|
| 6b3ad84c-e1a6-4bf7-a703-f496b71e49db | https://cna.erlef.org/cves/CVE-2026-42789.html | Third Party Advisory | |
| 6b3ad84c-e1a6-4bf7-a703-f496b71e49db | https://github.com/erlang/otp/commit/471cd2f664300a95353c467873800bbe706005db | Patch | |
| 6b3ad84c-e1a6-4bf7-a703-f496b71e49db | https://github.com/erlang/otp/commit/59c8d824386b2eb1614ff9340624843ef6aca0fd | Patch | |
| 6b3ad84c-e1a6-4bf7-a703-f496b71e49db | https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq | Vendor Advisory | |
| 6b3ad84c-e1a6-4bf7-a703-f496b71e49db | https://osv.dev/vulnerability/EEF-CVE-2026-42789 | Third Party Advisory | |
| 6b3ad84c-e1a6-4bf7-a703-f496b71e49db | https://www.erlang.org/doc/system/versions.html#order-of-versions | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| erlang | erlang\/otp | * | |
| erlang | erlang\/otp | * | |
| erlang | erlang\/otp | * | |
| erlang | erlang\/otp | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F25CA266-A367-4D08-8717-0D1A6694DBDC",
"versionEndExcluding": "26.2.5.21",
"versionStartIncluding": "17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91269F6D-B8A3-41F2-871C-79EBB9460BE8",
"versionEndExcluding": "27.3.4.12",
"versionStartIncluding": "27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "844A3F01-AF3C-4C48-81DB-932B803D22C4",
"versionEndExcluding": "28.5.0.1",
"versionStartIncluding": "28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46976598-817C-4E93-AC4B-46434746C25F",
"versionEndExcluding": "29.0.1",
"versionStartIncluding": "29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Following of a Certificate\u0027s Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.\n\nIn lib/public_key/src/pubkey_cert.erl, pubkey_cert:validate_extensions/7 contains two flaws that together allow a certificate with basicConstraints cA:false and no keyUsage extension to be used as an intermediate issuer in a chain passed to public_key:pkix_path_validation/3: the cA:false clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the keyUsage check only fires when the extension is present, so a certificate lacking keyUsage entirely bypasses the keyCertSign enforcement.\n\nAny party holding an end-entity certificate with basicConstraints cA:false and no keyUsage extension, issued by any CA in the victim\u0027s trust store, can use that certificate\u0027s private key to sign forged leaf certificates for arbitrary identities. public_key:pkix_path_validation/3 accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP ssl application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.\n\nThis issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1."
}
],
"id": "CVE-2026-42789",
"lastModified": "2026-06-05T17:16:11.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"type": "Secondary"
}
]
},
"published": "2026-05-27T14:16:53.267",
"references": [
{
"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"tags": [
"Third Party Advisory"
],
"url": "https://cna.erlef.org/cves/CVE-2026-42789.html"
},
{
"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"tags": [
"Patch"
],
"url": "https://github.com/erlang/otp/commit/471cd2f664300a95353c467873800bbe706005db"
},
{
"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"tags": [
"Patch"
],
"url": "https://github.com/erlang/otp/commit/59c8d824386b2eb1614ff9340624843ef6aca0fd"
},
{
"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq"
},
{
"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"tags": [
"Third Party Advisory"
],
"url": "https://osv.dev/vulnerability/EEF-CVE-2026-42789"
},
{
"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"tags": [
"Product"
],
"url": "https://www.erlang.org/doc/system/versions.html#order-of-versions"
}
],
"sourceIdentifier": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
},
{
"lang": "en",
"value": "CWE-296"
}
],
"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
"type": "Secondary"
}
]
}
MSRC_CVE-2026-42789
Vulnerability from csaf_microsoft - Published: 2026-05-02 00:00 - Updated: 2026-06-09 01:44Summary
Non-CA certificate accepted as intermediate issuer in public_key path validation
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-42789 Non-CA certificate accepted as intermediate issuer in public_key path validation - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-42789.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Non-CA certificate accepted as intermediate issuer in public_key path validation",
"tracking": {
"current_release_date": "2026-06-09T01:44:15.000Z",
"generator": {
"date": "2026-06-09T07:14:50.379Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-42789",
"initial_release_date": "2026-05-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-05-31T01:01:54.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-06-01T14:43:39.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-06-09T01:44:15.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 erlang 0:26.2.5.20-1.azl3",
"product": {
"name": "\u003cazl3 erlang 0:26.2.5.20-1.azl3",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 erlang 0:26.2.5.20-1.azl3",
"product": {
"name": "azl3 erlang 0:26.2.5.20-1.azl3",
"product_id": "21268"
}
}
],
"category": "product_name",
"name": "erlang"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 erlang 0:26.2.5.20-1.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 erlang 0:26.2.5.20-1.azl3 as a component of Azure Linux 3.0",
"product_id": "21268-17084"
},
"product_reference": "21268",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-42789",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "general",
"text": "EEF",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"21268-17084"
],
"known_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-42789 Non-CA certificate accepted as intermediate issuer in public_key path validation - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-42789.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-31T01:01:54.000Z",
"details": "0:26.2.5.21-1.azl3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"title": "Non-CA certificate accepted as intermediate issuer in public_key path validation"
}
]
}
OPENSUSE-SU-2026:20907-1
Vulnerability from csaf_opensuse - Published: 2026-06-05 11:01 - Updated: 2026-06-05 11:01Summary
Security update for erlang
Severity
Important
Notes
Title of the patch: Security update for erlang
Description of the patch: This update for erlang fixes the following issues
- CVE-2025-4748: improper limitation of a pathname may lead to path traversal (bsc#1244642).
- CVE-2026-32147: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in SFTP chroot
(bsc#1262503).
- CVE-2026-42789: `public_key` application accepts non-CA certificates as intermediate issuers and this enables chain
forgery (bsc#1266449).
- CVE-2026-42790: Name Constraints and Subject CommonName fallback in TLS hostname verification allows for certificate
forgery by MITM attacker (bsc#1266466).
- CVE-2026-42791: OCSP response verification in the `public_key` application does not check the validity period of the
OCSP responder certificate and allows for OCSP response response forgery (bsc#1266448).
Patchnames: openSUSE-Leap-16.0-892
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.4 (Medium)
Affected products
Recommended
79 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
79 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
79 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
79 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
79 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
22 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://bugzilla.suse.com/1244642 | self |
| https://bugzilla.suse.com/1262503 | self |
| https://bugzilla.suse.com/1266448 | self |
| https://bugzilla.suse.com/1266449 | self |
| https://bugzilla.suse.com/1266466 | self |
| https://www.suse.com/security/cve/CVE-2025-4748/ | self |
| https://www.suse.com/security/cve/CVE-2026-32147/ | self |
| https://www.suse.com/security/cve/CVE-2026-42789/ | self |
| https://www.suse.com/security/cve/CVE-2026-42790/ | self |
| https://www.suse.com/security/cve/CVE-2026-42791/ | self |
| https://www.suse.com/security/cve/CVE-2025-4748 | external |
| https://bugzilla.suse.com/1244642 | external |
| https://www.suse.com/security/cve/CVE-2026-32147 | external |
| https://bugzilla.suse.com/1262503 | external |
| https://www.suse.com/security/cve/CVE-2026-42789 | external |
| https://bugzilla.suse.com/1266449 | external |
| https://www.suse.com/security/cve/CVE-2026-42790 | external |
| https://bugzilla.suse.com/1266466 | external |
| https://www.suse.com/security/cve/CVE-2026-42791 | external |
| https://bugzilla.suse.com/1266448 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for erlang",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for erlang fixes the following issues\n\n- CVE-2025-4748: improper limitation of a pathname may lead to path traversal (bsc#1244642).\n- CVE-2026-32147: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) in SFTP chroot\n (bsc#1262503).\n- CVE-2026-42789: `public_key` application accepts non-CA certificates as intermediate issuers and this enables chain\n forgery (bsc#1266449).\n- CVE-2026-42790: Name Constraints and Subject CommonName fallback in TLS hostname verification allows for certificate\n forgery by MITM attacker (bsc#1266466).\n- CVE-2026-42791: OCSP response verification in the `public_key` application does not check the validity period of the\n OCSP responder certificate and allows for OCSP response response forgery (bsc#1266448).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-892",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20907-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1244642",
"url": "https://bugzilla.suse.com/1244642"
},
{
"category": "self",
"summary": "SUSE Bug 1262503",
"url": "https://bugzilla.suse.com/1262503"
},
{
"category": "self",
"summary": "SUSE Bug 1266448",
"url": "https://bugzilla.suse.com/1266448"
},
{
"category": "self",
"summary": "SUSE Bug 1266449",
"url": "https://bugzilla.suse.com/1266449"
},
{
"category": "self",
"summary": "SUSE Bug 1266466",
"url": "https://bugzilla.suse.com/1266466"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32147 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42789 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42790 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42791 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42791/"
}
],
"title": "Security update for erlang",
"tracking": {
"current_release_date": "2026-06-05T11:01:03Z",
"generator": {
"date": "2026-06-05T11:01:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20907-1",
"initial_release_date": "2026-06-05T11:01:03Z",
"revision_history": [
{
"date": "2026-06-05T11:01:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "erlang-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-debugger-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-debugger-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-debugger-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-debugger-src-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-dialyzer-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-dialyzer-src-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-diameter-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-diameter-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-diameter-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-diameter-src-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-doc-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-doc-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-doc-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-epmd-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-epmd-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-epmd-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-et-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-et-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-et-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-et-src-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-et-src-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-et-src-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-jinterface-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-jinterface-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-jinterface-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-jinterface-src-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-observer-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-observer-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-observer-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-observer-src-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-observer-src-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-observer-src-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-reltool-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-reltool-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-reltool-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-reltool-src-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-src-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-src-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-src-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-wx-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-wx-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-wx-27.1.3-160000.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-wx-src-27.1.3-160000.5.1.aarch64",
"product": {
"name": "erlang-wx-src-27.1.3-160000.5.1.aarch64",
"product_id": "erlang-wx-src-27.1.3-160000.5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "erlang-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-debugger-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-debugger-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-debugger-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-debugger-src-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-dialyzer-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-diameter-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-diameter-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-diameter-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-diameter-src-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-doc-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-doc-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-doc-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-epmd-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-epmd-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-epmd-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-et-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-et-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-et-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-et-src-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-et-src-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-et-src-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-jinterface-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-jinterface-src-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-observer-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-observer-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-observer-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-observer-src-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-reltool-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-reltool-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-reltool-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-reltool-src-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-src-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-src-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-src-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-wx-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-wx-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-wx-27.1.3-160000.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"product": {
"name": "erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"product_id": "erlang-wx-src-27.1.3-160000.5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "erlang-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-27.1.3-160000.5.1.s390x",
"product_id": "erlang-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-debugger-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-debugger-27.1.3-160000.5.1.s390x",
"product_id": "erlang-debugger-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-debugger-src-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-debugger-src-27.1.3-160000.5.1.s390x",
"product_id": "erlang-debugger-src-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-dialyzer-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-dialyzer-27.1.3-160000.5.1.s390x",
"product_id": "erlang-dialyzer-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"product_id": "erlang-dialyzer-src-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-diameter-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-diameter-27.1.3-160000.5.1.s390x",
"product_id": "erlang-diameter-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-diameter-src-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-diameter-src-27.1.3-160000.5.1.s390x",
"product_id": "erlang-diameter-src-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-epmd-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-epmd-27.1.3-160000.5.1.s390x",
"product_id": "erlang-epmd-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-et-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-et-27.1.3-160000.5.1.s390x",
"product_id": "erlang-et-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-et-src-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-et-src-27.1.3-160000.5.1.s390x",
"product_id": "erlang-et-src-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-jinterface-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-jinterface-27.1.3-160000.5.1.s390x",
"product_id": "erlang-jinterface-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"product_id": "erlang-jinterface-src-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-observer-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-observer-27.1.3-160000.5.1.s390x",
"product_id": "erlang-observer-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-observer-src-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-observer-src-27.1.3-160000.5.1.s390x",
"product_id": "erlang-observer-src-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-reltool-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-reltool-27.1.3-160000.5.1.s390x",
"product_id": "erlang-reltool-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-reltool-src-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-reltool-src-27.1.3-160000.5.1.s390x",
"product_id": "erlang-reltool-src-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-src-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-src-27.1.3-160000.5.1.s390x",
"product_id": "erlang-src-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-wx-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-wx-27.1.3-160000.5.1.s390x",
"product_id": "erlang-wx-27.1.3-160000.5.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang-wx-src-27.1.3-160000.5.1.s390x",
"product": {
"name": "erlang-wx-src-27.1.3-160000.5.1.s390x",
"product_id": "erlang-wx-src-27.1.3-160000.5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "erlang-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-debugger-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-debugger-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-debugger-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-debugger-src-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-dialyzer-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-dialyzer-src-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-diameter-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-diameter-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-diameter-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-diameter-src-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-doc-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-doc-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-doc-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-epmd-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-epmd-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-epmd-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-et-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-et-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-et-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-et-src-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-et-src-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-et-src-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-jinterface-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-jinterface-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-jinterface-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-jinterface-src-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-observer-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-observer-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-observer-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-observer-src-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-observer-src-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-observer-src-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-reltool-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-reltool-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-reltool-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-reltool-src-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-src-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-src-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-src-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-wx-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-wx-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-wx-27.1.3-160000.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-wx-src-27.1.3-160000.5.1.x86_64",
"product": {
"name": "erlang-wx-src-27.1.3-160000.5.1.x86_64",
"product_id": "erlang-wx-src-27.1.3-160000.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-debugger-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-debugger-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-debugger-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-debugger-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-debugger-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-debugger-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-debugger-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-debugger-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-debugger-src-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-debugger-src-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-debugger-src-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-debugger-src-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-debugger-src-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-dialyzer-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-dialyzer-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-dialyzer-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-dialyzer-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-dialyzer-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-dialyzer-src-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-diameter-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-diameter-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-diameter-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-diameter-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-diameter-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-diameter-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-diameter-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-diameter-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-diameter-src-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-diameter-src-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-diameter-src-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-diameter-src-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-diameter-src-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-doc-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-doc-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-doc-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-doc-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-doc-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-doc-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-epmd-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-epmd-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-epmd-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-epmd-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-epmd-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-epmd-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-epmd-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-epmd-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-et-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-et-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-et-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-et-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-et-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-et-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-et-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-et-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-et-src-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-et-src-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-et-src-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-et-src-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-et-src-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-et-src-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-et-src-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-et-src-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-jinterface-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-jinterface-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-jinterface-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-jinterface-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-jinterface-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-jinterface-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-jinterface-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-jinterface-src-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-jinterface-src-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-jinterface-src-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-jinterface-src-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-observer-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-observer-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-observer-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-observer-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-observer-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-observer-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-observer-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-observer-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-observer-src-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-observer-src-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-observer-src-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-observer-src-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-observer-src-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-observer-src-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-observer-src-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-reltool-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-reltool-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-reltool-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-reltool-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-reltool-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-reltool-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-reltool-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-reltool-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-reltool-src-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-reltool-src-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-reltool-src-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-reltool-src-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-reltool-src-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-src-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-src-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-src-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-src-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-src-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-src-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-src-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-src-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-wx-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-wx-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-wx-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-wx-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-wx-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-wx-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-wx-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-wx-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-wx-src-27.1.3-160000.5.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64"
},
"product_reference": "erlang-wx-src-27.1.3-160000.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-wx-src-27.1.3-160000.5.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le"
},
"product_reference": "erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-wx-src-27.1.3-160000.5.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x"
},
"product_reference": "erlang-wx-src-27.1.3-160000.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang-wx-src-27.1.3-160000.5.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
},
"product_reference": "erlang-wx-src-27.1.3-160000.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4748"
}
],
"notes": [
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2, zip:extract/1, zip:extract/2 unless the memory option is passed.\n\nThis issue affects OTP from OTP 17.0 until OTP 28.0.1, OTP 27.3.4.1 and OTP 26.2.5.13, corresponding to stdlib from 2.0 until 7.0.1, 6.2.2.1 and 5.2.3.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4748",
"url": "https://www.suse.com/security/cve/CVE-2025-4748"
},
{
"category": "external",
"summary": "SUSE Bug 1244642 for CVE-2025-4748",
"url": "https://bugzilla.suse.com/1244642"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T11:01:03Z",
"details": "moderate"
}
],
"title": "CVE-2025-4748"
},
{
"cve": "CVE-2026-32147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32147"
}
],
"notes": [
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to modify file attributes outside the configured chroot directory.\n\nThe SFTP daemon (ssh_sftpd) stores the raw, user-supplied path in file handles instead of the chroot-resolved path. When SSH_FXP_FSETSTAT is issued on such a handle, file attributes (permissions, ownership, timestamps) are modified on the real filesystem path, bypassing the root directory boundary entirely.\n\nAny authenticated SFTP user on a server configured with the root option can modify file attributes of files outside the intended chroot boundary. The prerequisite is that a target file must exist on the real filesystem at the same relative path. Note that this vulnerability only allows modification of file attributes; file contents cannot be read or altered through this attack vector.\n\nIf the SSH daemon runs as root, this enables direct privilege escalation: an attacker can set the setuid bit on any binary, change ownership of sensitive files, or make system configuration world-writable.\n\nThis vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl and program routines ssh_sftpd:do_open/4 and ssh_sftpd:handle_op/4.\n\nThis issue affects OTP from OTP 17.0 until OTP 28.4.3, 27.3.4.11, and 26.2.5.20 corresponding to ssh from 3.01 until 5.5.3, 5.2.11.7, and 5.1.4.15.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32147",
"url": "https://www.suse.com/security/cve/CVE-2026-32147"
},
{
"category": "external",
"summary": "SUSE Bug 1262503 for CVE-2026-32147",
"url": "https://bugzilla.suse.com/1262503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T11:01:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-32147"
},
{
"cve": "CVE-2026-42789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42789"
}
],
"notes": [
{
"category": "general",
"text": "Improper Following of a Certificate\u0027s Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.\n\nIn lib/public_key/src/pubkey_cert.erl, pubkey_cert:validate_extensions/7 contains two flaws that together allow a certificate with basicConstraints cA:false and no keyUsage extension to be used as an intermediate issuer in a chain passed to public_key:pkix_path_validation/3: the cA:false clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the keyUsage check only fires when the extension is present, so a certificate lacking keyUsage entirely bypasses the keyCertSign enforcement.\n\nAny party holding an end-entity certificate with basicConstraints cA:false and no keyUsage extension, issued by any CA in the victim\u0027s trust store, can use that certificate\u0027s private key to sign forged leaf certificates for arbitrary identities. public_key:pkix_path_validation/3 accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP ssl application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.\n\nThis issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42789",
"url": "https://www.suse.com/security/cve/CVE-2026-42789"
},
{
"category": "external",
"summary": "SUSE Bug 1266449 for CVE-2026-42789",
"url": "https://bugzilla.suse.com/1266449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T11:01:03Z",
"details": "important"
}
],
"title": "CVE-2026-42789"
},
{
"cve": "CVE-2026-42790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42790"
}
],
"notes": [
{
"category": "general",
"text": "Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification.\n\nTwo flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted (e.g. permitted;DNS:allowed.example.com) to issue a leaf certificate that an OTP TLS client accepts as a valid identity for an out-of-scope hostname (e.g. victim.example.com):\n\nFirst, pubkey_cert:validate_names/6 in lib/public_key/src/pubkey_cert.erl only checks SAN DNS entries against nameConstraints. Per RFC 5280, a permitted DNS subtree only restricts certificates that contain a DNS-typed name. A leaf with no subjectAltName therefore trivially satisfies any permitted;DNS:... constraint regardless of its subject commonName.\n\nSecond, public_key:pkix_verify_hostname/3 in lib/public_key/src/public_key.erl falls back to the subject commonName when no subjectAltName is present, extracting id-at-commonName attributes as presented IDs and matching them against the reference hostname. The strict pkix_verify_hostname_match_fun(https) matcher does not suppress this fallback.\n\nThe result is that path validation accepts a CN-only leaf under a DNS-constrained intermediate (no SAN means the nameConstraints are not triggered), and hostname verification then accepts it via the CN fallback. The bypass is reachable from stock ssl:connect with verify_peer, a trusted CA, SNI, and the canonical strict https hostname matcher.\n\nThis issue affects OTP from OTP 19.3 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.4 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42790",
"url": "https://www.suse.com/security/cve/CVE-2026-42790"
},
{
"category": "external",
"summary": "SUSE Bug 1266466 for CVE-2026-42790",
"url": "https://bugzilla.suse.com/1266466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T11:01:03Z",
"details": "important"
}
],
"title": "CVE-2026-42790"
},
{
"cve": "CVE-2026-42791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42791"
}
],
"notes": [
{
"category": "general",
"text": "Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid.\n\nOCSP response verification in pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 in lib/public_key/src/pubkey_ocsp.erl does not check the validity period (notBefore/notAfter) of the OCSP responder certificate. An attacker who has obtained the private key of an expired CA-designated OCSP responder certificate can forge OCSP responses that Erlang/OTP accepts as valid.\n\nThis affects TLS clients using OCSP stapling via the ssl application: a malicious or compromised server can present a revoked TLS certificate together with a forged OCSP response signed by an expired responder key, and the client will accept the revoked certificate as valid. It also affects applications calling public_key:pkix_ocsp_validate/5 directly, where the impact depends on the use case - server-side client certificate validation using this API may allow authentication bypass with a revoked client certificate.\n\nThis issue affects OTP from OTP 27.0 before OTP 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.16 before 1.17.1.3, 1.20.3.1, and 1.21.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42791",
"url": "https://www.suse.com/security/cve/CVE-2026-42791"
},
{
"category": "external",
"summary": "SUSE Bug 1266448 for CVE-2026-42791",
"url": "https://bugzilla.suse.com/1266448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-debugger-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-dialyzer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-diameter-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-doc-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-epmd-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-et-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-jinterface-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-observer-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-reltool-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-src-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-27.1.3-160000.5.1.x86_64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.aarch64",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.ppc64le",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.s390x",
"openSUSE Leap 16.0:erlang-wx-src-27.1.3-160000.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T11:01:03Z",
"details": "important"
}
],
"title": "CVE-2026-42791"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…