OESA-2026-2705
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2705
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2026-2705.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2026-2705
- Upstream
- Published
- 2026-06-24T13:11:15Z
- Modified
- 2026-06-24T13:30:09.427780177Z
- Summary
- erlang security update
- Details
-
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson.
Security Fix(es):
Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftpfile modules), erlang otp inets (tftpfile modules), erlang otp tftp (tftpfile modules) allows Relative Path Traversal. This vulnerability is associated with program files lib/tftp/src/tftpfile.erl, src/tftp_file.erl.
This issue affects otp: from 17.0, from 07b8f441ca711f9812fad9e9115bab3c3aa92f79; otp: from 5.10 before 7.0; otp: from 1.0.(CVE-2026-21620)
- Database specific
{ "severity": "Low" }- References
Affected packages
openEuler:24.03-LTS-SP1 / erlang
Package
- Name
- erlang
- Purl
- pkg:rpm/openEuler/erlang&distro=openEuler-24.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed25.3.2.6-15.oe2403sp1
Ecosystem specific
{
"aarch64": [
"erlang-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-asn1-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-common_test-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-compiler-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-crypto-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-debugger-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-debuginfo-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-debugsource-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-dialyzer-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-diameter-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-edoc-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-eldap-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-erl_docgen-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-erl_interface-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-erts-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-et-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-eunit-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-examples-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-ftp-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-inets-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-jinterface-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-kernel-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-megaco-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-mnesia-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-observer-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-odbc-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-os_mon-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-parsetools-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-public_key-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-reltool-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-runtime_tools-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-sasl-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-snmp-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-src-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-ssh-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-ssl-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-stdlib-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-syntax_tools-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-tftp-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-tools-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-wx-25.3.2.6-15.oe2403sp1.aarch64.rpm",
"erlang-xmerl-25.3.2.6-15.oe2403sp1.aarch64.rpm"
],
"src": [
"erlang-25.3.2.6-15.oe2403sp1.src.rpm"
],
"x86_64": [
"erlang-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-asn1-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-common_test-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-compiler-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-crypto-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-debugger-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-debuginfo-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-debugsource-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-dialyzer-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-diameter-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-edoc-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-eldap-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-erl_docgen-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-erl_interface-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-erts-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-et-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-eunit-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-examples-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-ftp-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-inets-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-jinterface-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-kernel-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-megaco-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-mnesia-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-observer-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-odbc-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-os_mon-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-parsetools-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-public_key-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-reltool-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-runtime_tools-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-sasl-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-snmp-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-src-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-ssh-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-ssl-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-stdlib-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-syntax_tools-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-tftp-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-tools-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-wx-25.3.2.6-15.oe2403sp1.x86_64.rpm",
"erlang-xmerl-25.3.2.6-15.oe2403sp1.x86_64.rpm"
]
}