erlang is vulnerable to Improper Validation of Specified Quantity in Input
82
High Risk
Affected versions of Erlang/OTP are vulnerable to a denial-of-service (DoS) issue where a malformed TLS 1.3 ClientHello can crash the session ticket handler process. An unauthenticated attacker can disrupt TLS 1.3 by preventing session ticket issuance, causing new TLS 1.3 connections to fail until the affected listeners or the ssl application are restarted. TLS 1.2 is not affected.
You are affected if you are using a version that falls within the vulnerable range.
erlang is vulnerable to Improper Validation of Specified Quantity in Input in versions 22.2.0 - 27.3.4.13, 28.0.0 - 28.5.0.2 and 29.0.0 - 29.0.2.
Upgrade the erlang library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant