CVE-2025-4748 in OTPinformazioni

Riassunto

di MITRE • 16/06/2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2, zip:extract/1, zip:extract/2 unless the memory option is passed.

This issue affects OTP from OTP 17.0 until OTP 28.0.1, OTP 27.3.4.1 and OTP 26.2.5.13, corresponding to stdlib from 2.0 until 7.0.1, 6.2.2.1 and 5.2.3.4.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsabile

EEF

Prenotare

15/05/2025

Divulgazione

16/06/2025

Moderazione

accettato

CPE

pronto

EPSS

0.00226

KEV

no

Attività

molto basso

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!