erlang is vulnerable to Race Condition (TOCTOU)
87
High Risk
Affected versions of Erlang/OTP contain a race condition in the shared DTLS packet demultiplexer that allows a remote attacker to crash the process by sending rapid ClientHello messages from the same source address and port. Because the demultiplexer is shared across all DTLS sessions on a listener, a successful attack terminates all active connections, resulting in a pre-authentication denial-of-service (DoS).
You are affected if you are using a version that falls within the vulnerable range.
erlang is vulnerable to Race Condition (TOCTOU) in versions 25.3.0 - 27.3.4.13, 28.0.0 - 28.5.0.2 and 29.0.0 - 29.0.2.
Upgrade the erlang library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant