From a9902bbddc67231fb6e6477f3e141b85e9315a4d Mon Sep 17 00:00:00 2001 From: "erlang-bot-app[bot]" <232538940+erlang-bot-app[bot]@users.noreply.github.com> Date: Fri, 3 Jul 2026 01:38:33 +0000 Subject: [PATCH] Automatic update of OpenVEX Statements for erlang/otp --- openvex.table | 166 ++++++- otp-27.openvex.json | 1066 ++++++++++++++++++++++++++++++++++++++++++- otp-28.openvex.json | 736 ++++++++++++++++++++++++++++- otp-29.openvex.json | 262 ++++++++++- 4 files changed, 2222 insertions(+), 8 deletions(-) diff --git a/openvex.table b/openvex.table index b1f2e4c7d95..0d3f70f012b 100644 --- a/openvex.table +++ b/openvex.table @@ -320,6 +320,60 @@ } ], "otp-27": [ + { + "pkg:otp/ssl@11.2": "CVE-2026-55952", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.2.12.10", + "fixed": [ + "pkg:otp/ssl@11.2.12.10" + ] + } + }, + { + "pkg:otp/ssl@11.2": "CVE-2026-55950", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.2.12.10", + "fixed": [ + "pkg:otp/ssl@11.2.12.10" + ] + } + }, + { + "pkg:otp/ssl@11.2": "CVE-2026-54891", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.2.12.10", + "fixed": [ + "pkg:otp/ssl@11.2.12.10" + ] + } + }, + { + "pkg:otp/ssh@5.2": "CVE-2026-54886", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssh@5.2.11.9", + "fixed": [ + "pkg:otp/ssh@5.2.11.9" + ] + } + }, + { + "pkg:otp/ssl@11.2": "CVE-2026-54887", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.2.12.10", + "fixed": [ + "pkg:otp/ssl@11.2.12.10" + ] + } + }, + { + "pkg:otp/ssh@5.2": "CVE-2026-53422", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssh@5.2.11.9", + "fixed": [ + "pkg:otp/ssh@5.2.11.9" + ] + } + }, { "pkg:otp/ftp@1.2.2": "CVE-2026-48858", "status": { @@ -739,6 +793,60 @@ } ], "otp-28": [ + { + "pkg:otp/ssl@11.3": "CVE-2026-55952", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.6.0.3", + "fixed": [ + "pkg:otp/ssl@11.6.0.3" + ] + } + }, + { + "pkg:otp/ssl@11.3": "CVE-2026-55950", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.6.0.3", + "fixed": [ + "pkg:otp/ssl@11.6.0.3" + ] + } + }, + { + "pkg:otp/ssl@11.3": "CVE-2026-54891", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.6.0.3", + "fixed": [ + "pkg:otp/ssl@11.6.0.3" + ] + } + }, + { + "pkg:otp/ssh@5.3": "CVE-2026-54886", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssh@5.5.2.2", + "fixed": [ + "pkg:otp/ssh@5.5.2.2" + ] + } + }, + { + "pkg:otp/ssl@11.3": "CVE-2026-54887", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.6.0.3", + "fixed": [ + "pkg:otp/ssl@11.6.0.3" + ] + } + }, + { + "pkg:otp/ssh@5.3": "CVE-2026-53422", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssh@5.5.2.2", + "fixed": [ + "pkg:otp/ssh@5.5.2.2" + ] + } + }, { "pkg:otp/ftp@1.2.4": "CVE-2026-48858", "status": { @@ -1190,6 +1298,60 @@ } ], "otp-29": [ + { + "pkg:otp/ssl@11.7": "CVE-2026-55952", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.7.3", + "fixed": [ + "pkg:otp/ssl@11.7.3" + ] + } + }, + { + "pkg:otp/ssl@11.7": "CVE-2026-55950", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.7.3", + "fixed": [ + "pkg:otp/ssl@11.7.3" + ] + } + }, + { + "pkg:otp/ssl@11.7": "CVE-2026-54891", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.7.3", + "fixed": [ + "pkg:otp/ssl@11.7.3" + ] + } + }, + { + "pkg:otp/ssh@6.0": "CVE-2026-54886", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssh@6.0.2", + "fixed": [ + "pkg:otp/ssh@6.0.2" + ] + } + }, + { + "pkg:otp/ssl@11.7": "CVE-2026-54887", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssl@11.7.3", + "fixed": [ + "pkg:otp/ssl@11.7.3" + ] + } + }, + { + "pkg:otp/ssh@6.0": "CVE-2026-53422", + "status": { + "affected": "Update to any of the following versions: pkg:otp/ssh@6.0.2", + "fixed": [ + "pkg:otp/ssh@6.0.2" + ] + } + }, { "pkg:otp/ftp@1.2.5": "CVE-2026-48858", "status": { @@ -1375,9 +1537,9 @@ } ], "otp-30": [ - { + { "pkg:github/PCRE2Project/pcre2@f454e231fe5006dd7ff8f4693fd2b8eb94333429": "OSV-2026-343", "status": { "not_affected": "vulnerable_code_not_present" } - } + } ] } diff --git a/otp-27.openvex.json b/otp-27.openvex.json index b0ad8855d76..8efede0f01d 100644 --- a/otp-27.openvex.json +++ b/otp-27.openvex.json @@ -3,8 +3,8 @@ "@id": "https://erlang.org/download/vex/otp-27.openvex.json", "author": "vexctl", "timestamp": "2025-12-01T14:56:28Z", - "last_updated": "2026-06-17T06:41:38.672302944Z", - "version": 91, + "last_updated": "2026-07-03T01:38:33.188981768Z", + "version": 103, "statements": [ { "vulnerability": { @@ -5999,6 +5999,1068 @@ } ], "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-53422" + }, + "timestamp": "2026-07-03T01:38:32.970254206Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.11" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.12" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.13" + }, + { + "@id": "pkg:otp/ssh@5.2" + }, + { + "@id": "pkg:otp/ssh@5.2.1" + }, + { + "@id": "pkg:otp/ssh@5.2.2" + }, + { + "@id": "pkg:otp/ssh@5.2.3" + }, + { + "@id": "pkg:otp/ssh@5.2.4" + }, + { + "@id": "pkg:otp/ssh@5.2.5" + }, + { + "@id": "pkg:otp/ssh@5.2.6" + }, + { + "@id": "pkg:otp/ssh@5.2.7" + }, + { + "@id": "pkg:otp/ssh@5.2.8" + }, + { + "@id": "pkg:otp/ssh@5.2.9" + }, + { + "@id": "pkg:otp/ssh@5.2.10" + }, + { + "@id": "pkg:otp/ssh@5.2.11" + }, + { + "@id": "pkg:otp/ssh@5.2.11.1" + }, + { + "@id": "pkg:otp/ssh@5.2.11.2" + }, + { + "@id": "pkg:otp/ssh@5.2.11.3" + }, + { + "@id": "pkg:otp/ssh@5.2.11.4" + }, + { + "@id": "pkg:otp/ssh@5.2.11.5" + }, + { + "@id": "pkg:otp/ssh@5.2.11.6" + }, + { + "@id": "pkg:otp/ssh@5.2.11.7" + }, + { + "@id": "pkg:otp/ssh@5.2.11.8" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.2.11.9", + "action_statement_timestamp": "2026-07-03T01:38:32.970254206Z" + }, + { + "vulnerability": { + "name": "CVE-2026-53422" + }, + "timestamp": "2026-07-03T01:38:32.995599504Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.14" + }, + { + "@id": "pkg:otp/ssh@5.2.11.9" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-54887" + }, + "timestamp": "2026-07-03T01:38:33.018645702Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.11" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.12" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.13" + }, + { + "@id": "pkg:otp/ssl@11.2" + }, + { + "@id": "pkg:otp/ssl@11.2.1" + }, + { + "@id": "pkg:otp/ssl@11.2.2" + }, + { + "@id": "pkg:otp/ssl@11.2.3" + }, + { + "@id": "pkg:otp/ssl@11.2.4" + }, + { + "@id": "pkg:otp/ssl@11.2.5" + }, + { + "@id": "pkg:otp/ssl@11.2.6" + }, + { + "@id": "pkg:otp/ssl@11.2.7" + }, + { + "@id": "pkg:otp/ssl@11.2.8" + }, + { + "@id": "pkg:otp/ssl@11.2.9" + }, + { + "@id": "pkg:otp/ssl@11.2.10" + }, + { + "@id": "pkg:otp/ssl@11.2.11" + }, + { + "@id": "pkg:otp/ssl@11.2.12" + }, + { + "@id": "pkg:otp/ssl@11.2.12.1" + }, + { + "@id": "pkg:otp/ssl@11.2.12.2" + }, + { + "@id": "pkg:otp/ssl@11.2.12.3" + }, + { + "@id": "pkg:otp/ssl@11.2.12.4" + }, + { + "@id": "pkg:otp/ssl@11.2.12.5" + }, + { + "@id": "pkg:otp/ssl@11.2.12.6" + }, + { + "@id": "pkg:otp/ssl@11.2.12.7" + }, + { + "@id": "pkg:otp/ssl@11.2.12.8" + }, + { + "@id": "pkg:otp/ssl@11.2.12.9" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.2.12.10", + "action_statement_timestamp": "2026-07-03T01:38:33.018645702Z" + }, + { + "vulnerability": { + "name": "CVE-2026-54887" + }, + "timestamp": "2026-07-03T01:38:33.036973149Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.14" + }, + { + "@id": "pkg:otp/ssl@11.2.12.10" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-54886" + }, + "timestamp": "2026-07-03T01:38:33.055368325Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.11" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.12" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.13" + }, + { + "@id": "pkg:otp/ssh@5.2" + }, + { + "@id": "pkg:otp/ssh@5.2.1" + }, + { + "@id": "pkg:otp/ssh@5.2.2" + }, + { + "@id": "pkg:otp/ssh@5.2.3" + }, + { + "@id": "pkg:otp/ssh@5.2.4" + }, + { + "@id": "pkg:otp/ssh@5.2.5" + }, + { + "@id": "pkg:otp/ssh@5.2.6" + }, + { + "@id": "pkg:otp/ssh@5.2.7" + }, + { + "@id": "pkg:otp/ssh@5.2.8" + }, + { + "@id": "pkg:otp/ssh@5.2.9" + }, + { + "@id": "pkg:otp/ssh@5.2.10" + }, + { + "@id": "pkg:otp/ssh@5.2.11" + }, + { + "@id": "pkg:otp/ssh@5.2.11.1" + }, + { + "@id": "pkg:otp/ssh@5.2.11.2" + }, + { + "@id": "pkg:otp/ssh@5.2.11.3" + }, + { + "@id": "pkg:otp/ssh@5.2.11.4" + }, + { + "@id": "pkg:otp/ssh@5.2.11.5" + }, + { + "@id": "pkg:otp/ssh@5.2.11.6" + }, + { + "@id": "pkg:otp/ssh@5.2.11.7" + }, + { + "@id": "pkg:otp/ssh@5.2.11.8" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.2.11.9", + "action_statement_timestamp": "2026-07-03T01:38:33.055368325Z" + }, + { + "vulnerability": { + "name": "CVE-2026-54886" + }, + "timestamp": "2026-07-03T01:38:33.07415364Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.14" + }, + { + "@id": "pkg:otp/ssh@5.2.11.9" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-54891" + }, + "timestamp": "2026-07-03T01:38:33.092600475Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.11" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.12" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.13" + }, + { + "@id": "pkg:otp/ssl@11.2" + }, + { + "@id": "pkg:otp/ssl@11.2.1" + }, + { + "@id": "pkg:otp/ssl@11.2.2" + }, + { + "@id": "pkg:otp/ssl@11.2.3" + }, + { + "@id": "pkg:otp/ssl@11.2.4" + }, + { + "@id": "pkg:otp/ssl@11.2.5" + }, + { + "@id": "pkg:otp/ssl@11.2.6" + }, + { + "@id": "pkg:otp/ssl@11.2.7" + }, + { + "@id": "pkg:otp/ssl@11.2.8" + }, + { + "@id": "pkg:otp/ssl@11.2.9" + }, + { + "@id": "pkg:otp/ssl@11.2.10" + }, + { + "@id": "pkg:otp/ssl@11.2.11" + }, + { + "@id": "pkg:otp/ssl@11.2.12" + }, + { + "@id": "pkg:otp/ssl@11.2.12.1" + }, + { + "@id": "pkg:otp/ssl@11.2.12.2" + }, + { + "@id": "pkg:otp/ssl@11.2.12.3" + }, + { + "@id": "pkg:otp/ssl@11.2.12.4" + }, + { + "@id": "pkg:otp/ssl@11.2.12.5" + }, + { + "@id": "pkg:otp/ssl@11.2.12.6" + }, + { + "@id": "pkg:otp/ssl@11.2.12.7" + }, + { + "@id": "pkg:otp/ssl@11.2.12.8" + }, + { + "@id": "pkg:otp/ssl@11.2.12.9" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.2.12.10", + "action_statement_timestamp": "2026-07-03T01:38:33.092600475Z" + }, + { + "vulnerability": { + "name": "CVE-2026-54891" + }, + "timestamp": "2026-07-03T01:38:33.112605284Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.14" + }, + { + "@id": "pkg:otp/ssl@11.2.12.10" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-55950" + }, + "timestamp": "2026-07-03T01:38:33.133338582Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.11" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.12" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.13" + }, + { + "@id": "pkg:otp/ssl@11.2" + }, + { + "@id": "pkg:otp/ssl@11.2.1" + }, + { + "@id": "pkg:otp/ssl@11.2.2" + }, + { + "@id": "pkg:otp/ssl@11.2.3" + }, + { + "@id": "pkg:otp/ssl@11.2.4" + }, + { + "@id": "pkg:otp/ssl@11.2.5" + }, + { + "@id": "pkg:otp/ssl@11.2.6" + }, + { + "@id": "pkg:otp/ssl@11.2.7" + }, + { + "@id": "pkg:otp/ssl@11.2.8" + }, + { + "@id": "pkg:otp/ssl@11.2.9" + }, + { + "@id": "pkg:otp/ssl@11.2.10" + }, + { + "@id": "pkg:otp/ssl@11.2.11" + }, + { + "@id": "pkg:otp/ssl@11.2.12" + }, + { + "@id": "pkg:otp/ssl@11.2.12.1" + }, + { + "@id": "pkg:otp/ssl@11.2.12.2" + }, + { + "@id": "pkg:otp/ssl@11.2.12.3" + }, + { + "@id": "pkg:otp/ssl@11.2.12.4" + }, + { + "@id": "pkg:otp/ssl@11.2.12.5" + }, + { + "@id": "pkg:otp/ssl@11.2.12.6" + }, + { + "@id": "pkg:otp/ssl@11.2.12.7" + }, + { + "@id": "pkg:otp/ssl@11.2.12.8" + }, + { + "@id": "pkg:otp/ssl@11.2.12.9" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.2.12.10", + "action_statement_timestamp": "2026-07-03T01:38:33.133338582Z" + }, + { + "vulnerability": { + "name": "CVE-2026-55950" + }, + "timestamp": "2026-07-03T01:38:33.152465069Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.14" + }, + { + "@id": "pkg:otp/ssl@11.2.12.10" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-55952" + }, + "timestamp": "2026-07-03T01:38:33.170842936Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.1.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.2.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.11" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.12" + }, + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.13" + }, + { + "@id": "pkg:otp/ssl@11.2" + }, + { + "@id": "pkg:otp/ssl@11.2.1" + }, + { + "@id": "pkg:otp/ssl@11.2.2" + }, + { + "@id": "pkg:otp/ssl@11.2.3" + }, + { + "@id": "pkg:otp/ssl@11.2.4" + }, + { + "@id": "pkg:otp/ssl@11.2.5" + }, + { + "@id": "pkg:otp/ssl@11.2.6" + }, + { + "@id": "pkg:otp/ssl@11.2.7" + }, + { + "@id": "pkg:otp/ssl@11.2.8" + }, + { + "@id": "pkg:otp/ssl@11.2.9" + }, + { + "@id": "pkg:otp/ssl@11.2.10" + }, + { + "@id": "pkg:otp/ssl@11.2.11" + }, + { + "@id": "pkg:otp/ssl@11.2.12" + }, + { + "@id": "pkg:otp/ssl@11.2.12.1" + }, + { + "@id": "pkg:otp/ssl@11.2.12.2" + }, + { + "@id": "pkg:otp/ssl@11.2.12.3" + }, + { + "@id": "pkg:otp/ssl@11.2.12.4" + }, + { + "@id": "pkg:otp/ssl@11.2.12.5" + }, + { + "@id": "pkg:otp/ssl@11.2.12.6" + }, + { + "@id": "pkg:otp/ssl@11.2.12.7" + }, + { + "@id": "pkg:otp/ssl@11.2.12.8" + }, + { + "@id": "pkg:otp/ssl@11.2.12.9" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.2.12.10", + "action_statement_timestamp": "2026-07-03T01:38:33.170842936Z" + }, + { + "vulnerability": { + "name": "CVE-2026-55952" + }, + "timestamp": "2026-07-03T01:38:33.188982632Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-27.3.4.14" + }, + { + "@id": "pkg:otp/ssl@11.2.12.10" + } + ], + "status": "fixed" } ] } diff --git a/otp-28.openvex.json b/otp-28.openvex.json index ea7ae6209c8..c9db66fa2d4 100644 --- a/otp-28.openvex.json +++ b/otp-28.openvex.json @@ -3,8 +3,8 @@ "@id": "https://erlang.org/download/vex/otp-28.openvex.json", "author": "vexctl", "timestamp": "2025-11-28T16:37:17.252127+01:00", - "last_updated": "2026-06-17T09:58:01.257497595+02:00", - "version": 98, + "last_updated": "2026-07-03T01:38:29.375533294Z", + "version": 110, "statements": [ { "vulnerability": { @@ -3911,6 +3911,738 @@ ], "status": "not_affected", "justification": "vulnerable_code_not_present" + }, + { + "vulnerability": { + "name": "CVE-2026-53422" + }, + "timestamp": "2026-07-03T01:38:29.181816728Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.2" + }, + { + "@id": "pkg:otp/ssh@5.3" + }, + { + "@id": "pkg:otp/ssh@5.3.1" + }, + { + "@id": "pkg:otp/ssh@5.3.2" + }, + { + "@id": "pkg:otp/ssh@5.3.3" + }, + { + "@id": "pkg:otp/ssh@5.3.4" + }, + { + "@id": "pkg:otp/ssh@5.4" + }, + { + "@id": "pkg:otp/ssh@5.4.1" + }, + { + "@id": "pkg:otp/ssh@5.5" + }, + { + "@id": "pkg:otp/ssh@5.5.1" + }, + { + "@id": "pkg:otp/ssh@5.5.2" + }, + { + "@id": "pkg:otp/ssh@5.5.2.1" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.5.2.2", + "action_statement_timestamp": "2026-07-03T01:38:29.181816728Z" + }, + { + "vulnerability": { + "name": "CVE-2026-53422" + }, + "timestamp": "2026-07-03T01:38:29.199860039Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.3" + }, + { + "@id": "pkg:otp/ssh@5.5.2.2" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-54887" + }, + "timestamp": "2026-07-03T01:38:29.217309435Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.2" + }, + { + "@id": "pkg:otp/ssl@11.3" + }, + { + "@id": "pkg:otp/ssl@11.3.1" + }, + { + "@id": "pkg:otp/ssl@11.3.2" + }, + { + "@id": "pkg:otp/ssl@11.4" + }, + { + "@id": "pkg:otp/ssl@11.4.1" + }, + { + "@id": "pkg:otp/ssl@11.4.2" + }, + { + "@id": "pkg:otp/ssl@11.5" + }, + { + "@id": "pkg:otp/ssl@11.5.1" + }, + { + "@id": "pkg:otp/ssl@11.5.2" + }, + { + "@id": "pkg:otp/ssl@11.5.3" + }, + { + "@id": "pkg:otp/ssl@11.5.4" + }, + { + "@id": "pkg:otp/ssl@11.6" + }, + { + "@id": "pkg:otp/ssl@11.6.0.1" + }, + { + "@id": "pkg:otp/ssl@11.6.0.2" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.6.0.3", + "action_statement_timestamp": "2026-07-03T01:38:29.217309435Z" + }, + { + "vulnerability": { + "name": "CVE-2026-54887" + }, + "timestamp": "2026-07-03T01:38:29.233279559Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.3" + }, + { + "@id": "pkg:otp/ssl@11.6.0.3" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-54886" + }, + "timestamp": "2026-07-03T01:38:29.251809847Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.2" + }, + { + "@id": "pkg:otp/ssh@5.3" + }, + { + "@id": "pkg:otp/ssh@5.3.1" + }, + { + "@id": "pkg:otp/ssh@5.3.2" + }, + { + "@id": "pkg:otp/ssh@5.3.3" + }, + { + "@id": "pkg:otp/ssh@5.3.4" + }, + { + "@id": "pkg:otp/ssh@5.4" + }, + { + "@id": "pkg:otp/ssh@5.4.1" + }, + { + "@id": "pkg:otp/ssh@5.5" + }, + { + "@id": "pkg:otp/ssh@5.5.1" + }, + { + "@id": "pkg:otp/ssh@5.5.2" + }, + { + "@id": "pkg:otp/ssh@5.5.2.1" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.5.2.2", + "action_statement_timestamp": "2026-07-03T01:38:29.251809847Z" + }, + { + "vulnerability": { + "name": "CVE-2026-54886" + }, + "timestamp": "2026-07-03T01:38:29.269809414Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.3" + }, + { + "@id": "pkg:otp/ssh@5.5.2.2" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-54891" + }, + "timestamp": "2026-07-03T01:38:29.2862052Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.2" + }, + { + "@id": "pkg:otp/ssl@11.3" + }, + { + "@id": "pkg:otp/ssl@11.3.1" + }, + { + "@id": "pkg:otp/ssl@11.3.2" + }, + { + "@id": "pkg:otp/ssl@11.4" + }, + { + "@id": "pkg:otp/ssl@11.4.1" + }, + { + "@id": "pkg:otp/ssl@11.4.2" + }, + { + "@id": "pkg:otp/ssl@11.5" + }, + { + "@id": "pkg:otp/ssl@11.5.1" + }, + { + "@id": "pkg:otp/ssl@11.5.2" + }, + { + "@id": "pkg:otp/ssl@11.5.3" + }, + { + "@id": "pkg:otp/ssl@11.5.4" + }, + { + "@id": "pkg:otp/ssl@11.6" + }, + { + "@id": "pkg:otp/ssl@11.6.0.1" + }, + { + "@id": "pkg:otp/ssl@11.6.0.2" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.6.0.3", + "action_statement_timestamp": "2026-07-03T01:38:29.2862052Z" + }, + { + "vulnerability": { + "name": "CVE-2026-54891" + }, + "timestamp": "2026-07-03T01:38:29.305101831Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.3" + }, + { + "@id": "pkg:otp/ssl@11.6.0.3" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-55950" + }, + "timestamp": "2026-07-03T01:38:29.322764002Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.2" + }, + { + "@id": "pkg:otp/ssl@11.3" + }, + { + "@id": "pkg:otp/ssl@11.3.1" + }, + { + "@id": "pkg:otp/ssl@11.3.2" + }, + { + "@id": "pkg:otp/ssl@11.4" + }, + { + "@id": "pkg:otp/ssl@11.4.1" + }, + { + "@id": "pkg:otp/ssl@11.4.2" + }, + { + "@id": "pkg:otp/ssl@11.5" + }, + { + "@id": "pkg:otp/ssl@11.5.1" + }, + { + "@id": "pkg:otp/ssl@11.5.2" + }, + { + "@id": "pkg:otp/ssl@11.5.3" + }, + { + "@id": "pkg:otp/ssl@11.5.4" + }, + { + "@id": "pkg:otp/ssl@11.6" + }, + { + "@id": "pkg:otp/ssl@11.6.0.1" + }, + { + "@id": "pkg:otp/ssl@11.6.0.2" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.6.0.3", + "action_statement_timestamp": "2026-07-03T01:38:29.322764002Z" + }, + { + "vulnerability": { + "name": "CVE-2026-55950" + }, + "timestamp": "2026-07-03T01:38:29.339327907Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.3" + }, + { + "@id": "pkg:otp/ssl@11.6.0.3" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-55952" + }, + "timestamp": "2026-07-03T01:38:29.358371443Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.0.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.1.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.3.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.2" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.4.3" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.2" + }, + { + "@id": "pkg:otp/ssl@11.3" + }, + { + "@id": "pkg:otp/ssl@11.3.1" + }, + { + "@id": "pkg:otp/ssl@11.3.2" + }, + { + "@id": "pkg:otp/ssl@11.4" + }, + { + "@id": "pkg:otp/ssl@11.4.1" + }, + { + "@id": "pkg:otp/ssl@11.4.2" + }, + { + "@id": "pkg:otp/ssl@11.5" + }, + { + "@id": "pkg:otp/ssl@11.5.1" + }, + { + "@id": "pkg:otp/ssl@11.5.2" + }, + { + "@id": "pkg:otp/ssl@11.5.3" + }, + { + "@id": "pkg:otp/ssl@11.5.4" + }, + { + "@id": "pkg:otp/ssl@11.6" + }, + { + "@id": "pkg:otp/ssl@11.6.0.1" + }, + { + "@id": "pkg:otp/ssl@11.6.0.2" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.6.0.3", + "action_statement_timestamp": "2026-07-03T01:38:29.358371443Z" + }, + { + "vulnerability": { + "name": "CVE-2026-55952" + }, + "timestamp": "2026-07-03T01:38:29.375533815Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-28.5.0.3" + }, + { + "@id": "pkg:otp/ssl@11.6.0.3" + } + ], + "status": "fixed" } ] } diff --git a/otp-29.openvex.json b/otp-29.openvex.json index 9f67b0c67ef..21cb32a8f72 100644 --- a/otp-29.openvex.json +++ b/otp-29.openvex.json @@ -3,8 +3,8 @@ "@id": "https://openvex.dev/docs/public/otp/vex-otp-29", "author": "vexctl", "timestamp": "2025-09-19T10:20:20.759995+02:00", - "last_updated": "2026-06-17T09:58:05.369400216+02:00", - "version": 44, + "last_updated": "2026-07-03T01:38:25.534246786Z", + "version": 56, "statements": [ { "vulnerability": { @@ -666,6 +666,264 @@ ], "status": "not_affected", "justification": "vulnerable_code_not_present" + }, + { + "vulnerability": { + "name": "CVE-2026-53422" + }, + "timestamp": "2026-07-03T01:38:25.363943416Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.2" + }, + { + "@id": "pkg:otp/ssh@6.0" + }, + { + "@id": "pkg:otp/ssh@6.0.1" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssh@6.0.2", + "action_statement_timestamp": "2026-07-03T01:38:25.363943416Z" + }, + { + "vulnerability": { + "name": "CVE-2026-53422" + }, + "timestamp": "2026-07-03T01:38:25.380687741Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0.3" + }, + { + "@id": "pkg:otp/ssh@6.0.2" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-54887" + }, + "timestamp": "2026-07-03T01:38:25.396278797Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.2" + }, + { + "@id": "pkg:otp/ssl@11.7" + }, + { + "@id": "pkg:otp/ssl@11.7.1" + }, + { + "@id": "pkg:otp/ssl@11.7.2" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.7.3", + "action_statement_timestamp": "2026-07-03T01:38:25.396278797Z" + }, + { + "vulnerability": { + "name": "CVE-2026-54887" + }, + "timestamp": "2026-07-03T01:38:25.410833039Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0.3" + }, + { + "@id": "pkg:otp/ssl@11.7.3" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-54886" + }, + "timestamp": "2026-07-03T01:38:25.426051773Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.2" + }, + { + "@id": "pkg:otp/ssh@6.0" + }, + { + "@id": "pkg:otp/ssh@6.0.1" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssh@6.0.2", + "action_statement_timestamp": "2026-07-03T01:38:25.426051773Z" + }, + { + "vulnerability": { + "name": "CVE-2026-54886" + }, + "timestamp": "2026-07-03T01:38:25.441265573Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0.3" + }, + { + "@id": "pkg:otp/ssh@6.0.2" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-54891" + }, + "timestamp": "2026-07-03T01:38:25.456693438Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.2" + }, + { + "@id": "pkg:otp/ssl@11.7" + }, + { + "@id": "pkg:otp/ssl@11.7.1" + }, + { + "@id": "pkg:otp/ssl@11.7.2" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.7.3", + "action_statement_timestamp": "2026-07-03T01:38:25.456693438Z" + }, + { + "vulnerability": { + "name": "CVE-2026-54891" + }, + "timestamp": "2026-07-03T01:38:25.471798789Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0.3" + }, + { + "@id": "pkg:otp/ssl@11.7.3" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-55950" + }, + "timestamp": "2026-07-03T01:38:25.487693391Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.2" + }, + { + "@id": "pkg:otp/ssl@11.7" + }, + { + "@id": "pkg:otp/ssl@11.7.1" + }, + { + "@id": "pkg:otp/ssl@11.7.2" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.7.3", + "action_statement_timestamp": "2026-07-03T01:38:25.487693391Z" + }, + { + "vulnerability": { + "name": "CVE-2026-55950" + }, + "timestamp": "2026-07-03T01:38:25.503318284Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0.3" + }, + { + "@id": "pkg:otp/ssl@11.7.3" + } + ], + "status": "fixed" + }, + { + "vulnerability": { + "name": "CVE-2026-55952" + }, + "timestamp": "2026-07-03T01:38:25.517859623Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.1" + }, + { + "@id": "pkg:github/erlang/otp@OTP-29.0.2" + }, + { + "@id": "pkg:otp/ssl@11.7" + }, + { + "@id": "pkg:otp/ssl@11.7.1" + }, + { + "@id": "pkg:otp/ssl@11.7.2" + } + ], + "status": "affected", + "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.7.3", + "action_statement_timestamp": "2026-07-03T01:38:25.517859623Z" + }, + { + "vulnerability": { + "name": "CVE-2026-55952" + }, + "timestamp": "2026-07-03T01:38:25.534247326Z", + "products": [ + { + "@id": "pkg:github/erlang/otp@OTP-29.0.3" + }, + { + "@id": "pkg:otp/ssl@11.7.3" + } + ], + "status": "fixed" } ] }