Tag

Erlang

2 briefs RSS

Erlang/OTP Information Disclosure Vulnerability

A remote, authenticated attacker can exploit an unspecified vulnerability in Erlang/OTP to disclose sensitive information.

Erlang/OTP information-disclosure vulnerability erlang

2r 1t May 7, 2026

high advisory

Bandit WebSocket permessage-deflate unbounded inflate leads to DoS

3 rules 6 TTPs

Bandit versions 0.5.8 before 1.11.0 are vulnerable to denial of service when permessage-deflate is enabled, allowing an unauthenticated client to exhaust the BEAM's memory with a single, small, compressed WebSocket frame due to unbounded decompression.

bandit websocket denial-of-service erlang

3r 6t May 7, 2026