UBUNTU-CVE-2025-32433

Source
https://ubuntu.com/security/CVE-2025-32433
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-32433.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-32433
Related
Published
2025-04-16T00:00:00Z
Modified
2025-06-13T12:42:22Z
Severity
  • 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.

References

Affected packages

Ubuntu:Pro:14.04:LTS / erlang

Package

Name
erlang
Purl
pkg:deb/ubuntu/erlang@1:16.b.3-dfsg-1ubuntu2.2?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:16.*

1:16.b.1-dfsg-4ubuntu1
1:16.b.2-dfsg-1ubuntu1
1:16.b.2-dfsg-2ubuntu1
1:16.b.3-dfsg-1ubuntu1
1:16.b.3-dfsg-1ubuntu2
1:16.b.3-dfsg-1ubuntu2.1
1:16.b.3-dfsg-1ubuntu2.2

Ecosystem specific

{
    "ubuntu_priority": "high",
    "priority_reason": "unauthenticated remote code execution (RCE)"
}

Ubuntu:Pro:16.04:LTS / erlang

Package

Name
erlang
Purl
pkg:deb/ubuntu/erlang@1:18.3-dfsg-1ubuntu3.1?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:18.*

1:18.0-dfsg-1ubuntu1
1:18.0-dfsg-1ubuntu2
1:18.2-dfsg-2ubuntu1
1:18.3-dfsg-1ubuntu1
1:18.3-dfsg-1ubuntu2
1:18.3-dfsg-1ubuntu3
1:18.3-dfsg-1ubuntu3.1

Ecosystem specific

{
    "ubuntu_priority": "high",
    "priority_reason": "unauthenticated remote code execution (RCE)"
}

Ubuntu:Pro:18.04:LTS / erlang

Package

Name
erlang
Purl
pkg:deb/ubuntu/erlang@1:20.2.2+dfsg-1ubuntu2?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:20.*

1:20.0.4+dfsg-1ubuntu1
1:20.1.2+dfsg-1ubuntu1
1:20.1.3+dfsg-1ubuntu1
1:20.1.4+dfsg-1ubuntu1
1:20.1.5+dfsg-1ubuntu1
1:20.1.6+dfsg-1ubuntu1
1:20.1.7+dfsg-1ubuntu1
1:20.2.1+dfsg-1ubuntu1
1:20.2.2+dfsg-1ubuntu1
1:20.2.2+dfsg-1ubuntu2

Ecosystem specific

{
    "ubuntu_priority": "high",
    "priority_reason": "unauthenticated remote code execution (RCE)"
}

Ubuntu:20.04:LTS / erlang

Package

Name
erlang
Purl
pkg:deb/ubuntu/erlang@1:22.2.7+dfsg-1ubuntu0.5?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:22.2.7+dfsg-1ubuntu0.5

Affected versions

1:22.*

1:22.0.7+dfsg-1build1
1:22.2+dfsg-1
1:22.2.1+dfsg-1
1:22.2.2+dfsg-1
1:22.2.3+dfsg-1
1:22.2.3+dfsg-2
1:22.2.4+dfsg-1
1:22.2.7+dfsg-1
1:22.2.7+dfsg-1ubuntu0.2
1:22.2.7+dfsg-1ubuntu0.3
1:22.2.7+dfsg-1ubuntu0.4

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "high",
    "priority_reason": "unauthenticated remote code execution (RCE)",
    "binaries": [
        {
            "binary_name": "erlang",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-asn1",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-asn1-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-base",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-base-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-base-hipe",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-base-hipe-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-common-test",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-common-test-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-crypto",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-crypto-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-debugger",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-dev",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-dialyzer",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-dialyzer-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-diameter",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-doc",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-edoc",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-eldap",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-erl-docgen",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-et",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-eunit",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-examples",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-ftp",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-inets",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-jinterface",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-manpages",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-megaco",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-megaco-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-mnesia",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-mode",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-nox",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-observer",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-odbc",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-odbc-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-os-mon",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-os-mon-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-parsetools",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-public-key",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-reltool",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-runtime-tools",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-runtime-tools-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-snmp",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-src",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-ssh",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-ssl",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-syntax-tools",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-tftp",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-tools",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-tools-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-wx",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-wx-dbgsym",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-x11",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        },
        {
            "binary_name": "erlang-xmerl",
            "binary_version": "1:22.2.7+dfsg-1ubuntu0.5"
        }
    ]
}

Ubuntu:22.04:LTS / erlang

Package

Name
erlang
Purl
pkg:deb/ubuntu/erlang@1:24.2.1+dfsg-1ubuntu0.4?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:24.2.1+dfsg-1ubuntu0.4

Affected versions

1:23.*

1:23.2.6+dfsg-1build1

1:24.*

1:24.1.1+dfsg-1
1:24.1.4+dfsg-1
1:24.1.5+dfsg-1
1:24.1.5+dfsg-1ubuntu1
1:24.2+dfsg-1
1:24.2.1+dfsg-1
1:24.2.1+dfsg-1ubuntu0.1
1:24.2.1+dfsg-1ubuntu0.2
1:24.2.1+dfsg-1ubuntu0.3

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "high",
    "priority_reason": "unauthenticated remote code execution (RCE)",
    "binaries": [
        {
            "binary_name": "erlang",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-asn1",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-asn1-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-base",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-base-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-common-test",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-common-test-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-crypto",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-crypto-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-debugger",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-dev",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-dialyzer",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-dialyzer-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-diameter",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-doc",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-edoc",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-eldap",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-erl-docgen",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-et",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-eunit",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-examples",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-ftp",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-inets",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-jinterface",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-manpages",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-megaco",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-megaco-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-mnesia",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-mode",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-nox",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-observer",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-odbc",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-odbc-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-os-mon",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-os-mon-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-parsetools",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-public-key",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-reltool",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-runtime-tools",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-runtime-tools-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-snmp",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-src",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-ssh",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-ssl",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-syntax-tools",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-tftp",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-tools",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-tools-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-wx",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-wx-dbgsym",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-x11",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        },
        {
            "binary_name": "erlang-xmerl",
            "binary_version": "1:24.2.1+dfsg-1ubuntu0.4"
        }
    ]
}

Ubuntu:24.10 / erlang

Package

Name
erlang
Purl
pkg:deb/ubuntu/erlang@1:25.3.2.12+dfsg-1ubuntu2.3?arch=source&distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:25.3.2.12+dfsg-1ubuntu2.3

Affected versions

1:25.*

1:25.3.2.8+dfsg-1ubuntu4
1:25.3.2.12+dfsg-1ubuntu1
1:25.3.2.12+dfsg-1ubuntu2
1:25.3.2.12+dfsg-1ubuntu2.1
1:25.3.2.12+dfsg-1ubuntu2.2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "high",
    "priority_reason": "unauthenticated remote code execution (RCE)",
    "binaries": [
        {
            "binary_name": "erlang",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-asn1",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-asn1-dbgsym",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-base",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-base-dbgsym",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-common-test",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-common-test-dbgsym",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-crypto",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-crypto-dbgsym",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-debugger",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-dev",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-dialyzer",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-dialyzer-dbgsym",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-diameter",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-doc",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-edoc",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-eldap",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-erl-docgen",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-et",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-eunit",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-examples",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-ftp",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-inets",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-jinterface",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-manpages",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-megaco",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-megaco-dbgsym",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-mnesia",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-mode",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-nox",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-observer",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-odbc",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-odbc-dbgsym",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-os-mon",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-os-mon-dbgsym",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-parsetools",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-public-key",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-reltool",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-runtime-tools",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-runtime-tools-dbgsym",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-snmp",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-src",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-ssh",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-ssl",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-syntax-tools",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-tftp",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-tools",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-wx",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-wx-dbgsym",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-x11",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        },
        {
            "binary_name": "erlang-xmerl",
            "binary_version": "1:25.3.2.12+dfsg-1ubuntu2.3"
        }
    ]
}

Ubuntu:24.04:LTS / erlang

Package

Name
erlang
Purl
pkg:deb/ubuntu/erlang@1:25.3.2.8+dfsg-1ubuntu4.3?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:25.3.2.8+dfsg-1ubuntu4.3

Affected versions

1:25.*

1:25.2.3+dfsg-1
1:25.3.2.8+dfsg-1
1:25.3.2.8+dfsg-1ubuntu1
1:25.3.2.8+dfsg-1ubuntu3
1:25.3.2.8+dfsg-1ubuntu4
1:25.3.2.8+dfsg-1ubuntu4.1
1:25.3.2.8+dfsg-1ubuntu4.2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "high",
    "priority_reason": "unauthenticated remote code execution (RCE)",
    "binaries": [
        {
            "binary_name": "erlang",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-asn1",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-asn1-dbgsym",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-base",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-base-dbgsym",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-common-test",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-common-test-dbgsym",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-crypto",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-crypto-dbgsym",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-debugger",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-dev",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-dialyzer",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-dialyzer-dbgsym",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-diameter",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-doc",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-edoc",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-eldap",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-erl-docgen",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-et",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-eunit",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-examples",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-ftp",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-inets",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-jinterface",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-manpages",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-megaco",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-megaco-dbgsym",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-mnesia",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-mode",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-nox",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-observer",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-odbc",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-odbc-dbgsym",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-os-mon",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-os-mon-dbgsym",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-parsetools",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-public-key",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-reltool",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-runtime-tools",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-runtime-tools-dbgsym",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-snmp",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-src",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-ssh",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-ssl",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-syntax-tools",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-tftp",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-tools",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-wx",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-wx-dbgsym",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-x11",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        },
        {
            "binary_name": "erlang-xmerl",
            "binary_version": "1:25.3.2.8+dfsg-1ubuntu4.3"
        }
    ]
}

Ubuntu:25.04 / erlang

Package

Name
erlang
Purl
pkg:deb/ubuntu/erlang@1:27.3+dfsg-1ubuntu1.1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:27.3+dfsg-1ubuntu1.1

Affected versions

1:25.*

1:25.3.2.12+dfsg-1ubuntu2

1:27.*

1:27.2+dfsg-2
1:27.2.1+dfsg-1
1:27.2.1+dfsg-2
1:27.2.2+dfsg-1
1:27.2.3+dfsg-1
1:27.2.4+dfsg-1
1:27.3+dfsg-1
1:27.3+dfsg-1ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "high",
    "priority_reason": "unauthenticated remote code execution (RCE)",
    "binaries": [
        {
            "binary_name": "erlang",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-asn1",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-asn1-dbgsym",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-base",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-base-dbgsym",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-common-test",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-common-test-dbgsym",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-crypto",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-crypto-dbgsym",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-debugger",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-dev",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-dialyzer",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-dialyzer-dbgsym",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-diameter",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-doc",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-edoc",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-eldap",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-et",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-eunit",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-examples",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-ftp",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-inets",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-jinterface",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-megaco",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-megaco-dbgsym",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-mnesia",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-mode",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-nox",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-observer",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-odbc",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-odbc-dbgsym",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-os-mon",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-os-mon-dbgsym",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-parsetools",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-public-key",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-reltool",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-runtime-tools",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-runtime-tools-dbgsym",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-snmp",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-src",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-ssh",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-ssl",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-syntax-tools",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-tftp",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-tools",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-wx",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-wx-dbgsym",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-x11",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        },
        {
            "binary_name": "erlang-xmerl",
            "binary_version": "1:27.3+dfsg-1ubuntu1.1"
        }
    ]
}