[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21620/erlang

Sat Feb 21 10:17:53 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1374b27f by Salvatore Bonaccorso at 2026-02-21T11:17:28+01:00
Add CVE-2026-21620/erlang

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -437,7 +437,12 @@ CVE-2026-22341 (Authentication Bypass Using an Alternate Path or Channel vulnera
 CVE-2026-21627 (The vulnerability was rooted in how the Tassos Framework plugin handle ...)
 	NOT-FOR-US: Joomla
 CVE-2026-21620 (Relative Path Traversal, Improper Isolation or Compartmentalization vu ...)
-	TODO: check
+	- erlang <unfixed>
+	NOTE: https://github.com/erlang/otp/security/advisories/GHSA-hmrc-prh3-rpvp
+	NOTE: https://github.com/erlang/otp/pull/10706
+	NOTE: Fixed by (merge): https://github.com/erlang/otp/commit/696fdec922661d4a3cc528fc34bc24fae8d4ad8a (OTP-28.3.2)
+	NOTE: Fixed by (merge): https://github.com/erlang/otp/commit/3970738f687325138eb75f798054fa8960ac354e (OTP-27.3.4.8)
+	NOTE: Fixed by (merge): https://github.com/erlang/otp/commit/655fb95725ba2fb811740b57e106873833824344 (OTP-26.2.5.17)
 CVE-2026-20761 (A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and ...)
 	NOT-FOR-US: EnOcean SmartServer IoT
 CVE-2026-1842 (HyperCloud versions 2.3.5 through 2.6.8 improperly allowed refresh tok ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1374b27f1513f197342059ed4b9ee7964c17be12

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1374b27f1513f197342059ed4b9ee7964c17be12
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260221/8e9f1b50/attachment.htm>
