From c23f5884d84de233e7da7dfc24da731b4a302a19 Mon Sep 17 00:00:00 2001 From: Kiko Fernandez-Reyes Date: Fri, 5 Jun 2026 16:34:32 +0200 Subject: [PATCH] otp: scripts publish to orphan branch scripts have been adapted to publish the openvex files into an orphan branch. --- .github/scripts/create-openvex-pr.sh | 30 +- .github/scripts/otp-compliance.es | 102 +- vex/otp-26.openvex.json | 5391 ---------------------- vex/otp-26.openvex.json.license | 7 - vex/otp-27.openvex.json | 5122 -------------------- vex/otp-27.openvex.json.license | 7 - vex/otp-27.openvex.json.sigstore | 1 - vex/otp-27.openvex.json.sigstore.license | 7 - vex/otp-28.openvex.json | 3155 ------------- vex/otp-28.openvex.json.license | 7 - vex/otp-28.openvex.json.sigstore | 1 - vex/otp-28.openvex.json.sigstore.license | 7 - vex/otp-29.openvex.json | 379 -- vex/otp-29.openvex.json.license | 7 - vex/otp-29.openvex.json.sigstore | 1 - vex/otp-29.openvex.json.sigstore.license | 7 - 16 files changed, 85 insertions(+), 14146 deletions(-) delete mode 100644 vex/otp-26.openvex.json delete mode 100644 vex/otp-26.openvex.json.license delete mode 100644 vex/otp-27.openvex.json delete mode 100644 vex/otp-27.openvex.json.license delete mode 100644 vex/otp-27.openvex.json.sigstore delete mode 100644 vex/otp-27.openvex.json.sigstore.license delete mode 100644 vex/otp-28.openvex.json delete mode 100644 vex/otp-28.openvex.json.license delete mode 100644 vex/otp-28.openvex.json.sigstore delete mode 100644 vex/otp-28.openvex.json.sigstore.license delete mode 100644 vex/otp-29.openvex.json delete mode 100644 vex/otp-29.openvex.json.license delete mode 100644 vex/otp-29.openvex.json.sigstore delete mode 100644 vex/otp-29.openvex.json.sigstore.license diff --git a/.github/scripts/create-openvex-pr.sh b/.github/scripts/create-openvex-pr.sh index 2e2b8d8523bc..a8ff97b886d8 100755 --- a/.github/scripts/create-openvex-pr.sh +++ b/.github/scripts/create-openvex-pr.sh @@ -24,6 +24,9 @@ set -e # exit immediately if any command fails REPO=$1 BRANCH_NAME=$2 +ORPHAN_BRANCH="openvex" +OTP_REMOTE="${3:-origin}" + # Fetch PR data using gh CLI PR_STATUS=$(gh pr view "$BRANCH_NAME" --repo "$REPO" --json state -q ".state") FOUND_PR=$? @@ -33,17 +36,32 @@ if [ "$FOUND_PR" -ne 0 ]; then echo "A new PR will be created" fi -# Check if PR is closed if [ "$PR_STATUS" = "CLOSED" ] || [ "$PR_STATUS" = "MERGED" ] || [ "$FOUND_PR" -ne 0 ]; then echo "Pull request #$BRANCH_NAME is CLOSED or MERGED." echo "āœ… A new pull request with name #$BRANCH_NAME will be created." - git branch "$BRANCH_NAME" master - git checkout "$BRANCH_NAME" - git add make/openvex.table - git add vex + + # Stash the generated openvex files (including untracked ones) + git stash push --include-untracked -m "openvex generated files" + + # Fetch and checkout the orphan branch + # OTP_REMOTE is `origin` when this script runs as part of otp-compliance.es called by openvex-sync.yaml + # OTP_REMOTE is `upstream` when we run this script as part of locally removing a false positive CVE, + # when running `otp-compliance vex run`. + git fetch "$OTP_REMOTE" "$ORPHAN_BRANCH" + git checkout "$ORPHAN_BRANCH" + + # Create a new work branch from the orphan branch + git checkout -b "$BRANCH_NAME" + + # Restore the generated files from the stash + git stash pop + + git add otp-*.openvex.json + git add otp-*.openvex.json.license git commit -m "Automatic update of OpenVEX Statements for erlang/otp" git push --force origin "$BRANCH_NAME" - gh pr create --repo "$REPO" -B master \ + + gh pr create --repo "$REPO" -B "$ORPHAN_BRANCH" \ --title "Automatic update of OpenVEX Statements for erlang/otp" \ --body "Automatic Action. There is a vulnerability from GH Advisories without a matching OpenVEX statement" else diff --git a/.github/scripts/otp-compliance.es b/.github/scripts/otp-compliance.es index c86320f3fcca..85c157edda51 100755 --- a/.github/scripts/otp-compliance.es +++ b/.github/scripts/otp-compliance.es @@ -104,7 +104,7 @@ -define(FOUND_VENDOR_VULNERABILITY_TITLE, "Vendor vulnerability found"). -define(FOUND_VENDOR_VULNERABILITY, lists:append(string:replace(?FOUND_VENDOR_VULNERABILITY_TITLE, " ", "+", all))). --define(OTP_GH_URI, "https://raw.githubusercontent.com/" ++ ?GH_ACCOUNT ++ "/refs/heads/master/"). +-define(OTP_GH_URI, "https://raw.githubusercontent.com/" ++ ?GH_ACCOUNT ++ "/refs/heads/openvex/"). %% GH default options -define(GH_ADVISORIES_OPTIONS, "state=published&direction=desc&per_page=100&sort=updated"). @@ -112,9 +112,6 @@ %% Advisories to download from last X years. -define(GH_ADVISORIES_FROM_LAST_X_YEARS, 5). -%% Defines path of script to create PRs for missing openvex/vulnerabilities --define(CREATE_OPENVEX_PR_SCRIPT_FILE, ".github/scripts/create-openvex-pr.sh"). - %% Sets end point account to fetch information from GH %% used by `gh` command-line tool. %% change to your fork for testing, e.g., `kikofernandez/otp` @@ -122,6 +119,8 @@ %% %% +-define(DEBUG, false). + %% Add more relations if necessary. -type spdx_relations() :: #{ 'DOCUMENTATION_OF' => [], 'CONTAINS' => [], @@ -293,15 +292,35 @@ cli() -> #{ help => """ Initialise an openvex file. + 1. Update the `make/openvex.table` + 2. Run the command: + + > .github/scripts/otp-compliance.es vex init -b otp-33 + """, - arguments => [ input_option(~"make/openvex.table"), branch_option(), vex_path_option()], + arguments => [ input_option(~"make/openvex.table"), branch_option()], handler => fun init_openvex/1}, "run" => #{ help => """ - Updates an openvex file. + Updates OpenVEX files. + 1. Update the `make/openvex.table` + 2. Run the following command, which downloads otp-*.openvex.json files + and updates those files using the `openvex.table` + + > .github/scripts/otp-compliance.es vex run -b otp-33 | bash + + 3. Run the following script to create a PR. + The script stashes the generated openvex files. + Fetches the orphan branch `openvex`, and creates a new branch named `vex` locally. + Pops the stash and commits the generate OpenVEX files. + Pushes to `origin` (must be set to your fork). + Creates a PR towards `erlang/otp` with base `openvex`. + + > .github/scripts/create-openvex-pr.sh erlang/otp vex upstream + """, - arguments => [ input_option(~"make/openvex.table"), branch_option(), vex_path_option()], + arguments => [ input_option(~"make/openvex.table"), branch_option()], handler => fun run_openvex/1}, "verify" => @@ -313,6 +332,7 @@ cli() -> Creates PR for any non-present Github Advisory. Example: + > .github/scripts/otp-compliance.es vex verify -p """, @@ -490,14 +510,6 @@ branch_option() -> short => $b, long => "-branch"}. -vex_path_option() -> - #{name => vex_path, - type => binary, - required => false, - default => ?VexPath, - help => "Path to folder containing openvex statements, e.g., `vex/`", - long => "-vex-path"}. - create_pr() -> #{name => create_pr, short => $p, @@ -1633,11 +1645,19 @@ format_vex_statements(OpenVex) -> end, [], Stmts). read_openvex_file(Branch) -> - _ = create_dir(?VexPath), + _ = download_otp_openvex_file(Branch), OpenVexPath = path_to_openvex_filename(Branch), OpenVexStr = erlang:binary_to_list(OpenVexPath), decode(OpenVexStr). +dbg(Text, Args) -> + case ?DEBUG of + true -> + io:format(Text, Args); + false -> + ok + end. + -spec download_otp_openvex_file(Branch :: binary()) -> Json :: map() | EmptyMap :: #{} | no_return(). download_otp_openvex_file(Branch) -> _ = create_dir(?VexPath), @@ -1645,19 +1665,19 @@ download_otp_openvex_file(Branch) -> OpenVexStr = erlang:binary_to_list(OpenVexPath), GithubURI = get_gh_download_uri(OpenVexStr), - io:format("Checking OpenVex statements in '~s' from~n'~s'...~n", [OpenVexPath, GithubURI]), + dbg("Checking OpenVex statements in '~s' from~n'~s'...~n", [OpenVexPath, GithubURI]), ValidURI = "curl -I -Lj --silent " ++ GithubURI ++ " | head -n1 | cut -d' ' -f2", case string:trim(os:cmd(ValidURI)) of "200" -> %% Overrides existing file. - io:format("OpenVex file found.~n~n"), + dbg("OpenVex file found.~n~n", []), Command = "curl -LJ " ++ GithubURI ++ " --output " ++ OpenVexStr, - io:format("Proceed to download:~n~s~n~n", [Command]), + dbg("Proceed to download:~n~s~n~n", [Command]), os:cmd(Command, #{ exception_on_failure => true }), decode(OpenVexStr); E -> - io:format("[~p] No OpenVex statements found for file '~s'.~n~n", [E, OpenVexStr]), + dbg("[~p] No OpenVex statements found for file '~s'.~n~n", [E, OpenVexStr]), #{} end. @@ -1670,7 +1690,7 @@ create_dir(DirName) -> case file:make_dir(DirName) of Result when Result == ok; Result == {error, eexist} -> - io:format("Directory ~s created successfully.~n", [DirName]); + dbg("Directory ~s created successfully.~n", [DirName]); {error, Reason} -> fail("Failed to create directory ~s: ~p~n", [DirName, Reason]) end. @@ -2801,14 +2821,12 @@ extracted_license_info() -> %% Documentation in HOWTO/SBOM.md %% + vex_path(Branch) -> - VexPath = ?VexPath, - vex_path(VexPath, Branch). -vex_path(VexPath, Branch) -> - <>. + <>. -init_openvex(#{input_file := File, branch := Branch, vex_path := VexPath}) -> - InitVex = vex_path(VexPath, Branch), +init_openvex(#{input_file := File, branch := Branch}) -> + InitVex = vex_path(Branch), VexStmts = case filelib:is_file(InitVex) of true -> % file exists maps:get(~"statements", decode(InitVex)); @@ -2817,15 +2835,17 @@ init_openvex(#{input_file := File, branch := Branch, vex_path := VexPath}) -> file:write_file(InitVex, json:format(Init)), maps:get(~"statements", Init) end, - run_openvex1(VexStmts, File, Branch, VexPath). + run_openvex1(VexStmts, File, Branch). -run_openvex(#{input_file := File, branch := Branch, vex_path := VexPath}) -> - InitVex = vex_path(VexPath, Branch), +run_openvex(#{input_file := File, branch := Branch}) -> + %% Download files from orphan branch into VexPath Folder. + _ = download_otp_openvex_file(Branch), + InitVex = vex_path(Branch), VexStmts = maps:get(~"statements", decode(InitVex)), - run_openvex1(VexStmts, File, Branch, VexPath). + run_openvex1(VexStmts, File, Branch). -run_openvex1(VexStmts, VexTableFile, Branch, VexPath) -> - Statements = calculate_statements(VexStmts, VexTableFile, Branch, VexPath), +run_openvex1(VexStmts, VexTableFile, Branch) -> + Statements = calculate_statements(VexStmts, VexTableFile, Branch), lists:foreach(fun (St) -> io:format("~ts", [St]) end, Statements). verify_openvex(#{create_pr := PR}) -> @@ -3169,14 +3189,14 @@ openvex_filter_product(Products) -> vex_set_inclusion(AdvVEX, OpenVEX) -> [VEX || VEX <- AdvVEX, not lists:member(VEX, OpenVEX)]. -calculate_statements(VexStmts, VexTableFile, Branch, VexPath) -> +calculate_statements(VexStmts, VexTableFile, Branch) -> VexTable = decode(VexTableFile), case maps:get(Branch, VexTable, error) of error -> fail("Could not find '~ts' in file '~ts'.~nDid you forget to add an entry with name '~ts' into 'openvex.table'?", [Branch, VexTableFile, Branch]); CVEs -> - calculate_statements_from_cves(VexStmts, CVEs, Branch, VexPath) + calculate_statements_from_cves(VexStmts, CVEs, Branch) end. exists_cve_in_openvex(VexStmts, CVE, StatusCVE, Purl) -> @@ -3210,7 +3230,7 @@ fetch_openvex_status(M) when is_map(M) -> fetch_openvex_status(_) -> {false, false}. -calculate_statements_from_cves(VexStmts, CVEs, Branch, VexPath) -> +calculate_statements_from_cves(VexStmts, CVEs, Branch) -> %% make the function idempotent, i.e., can be called consecutive times producing the same input lists:foldl( fun (#{~"status" := Status}=M, Acc) -> @@ -3220,7 +3240,7 @@ calculate_statements_from_cves(VexStmts, CVEs, Branch, VexPath) -> true -> %% entry exists, ignore to make operation idempotent Acc; false -> - InitVex = vex_path(VexPath, Branch), + InitVex = vex_path(Branch), {FixedStatus, AffectedStatus} = fetch_openvex_status(Status), case Purl of <> -> @@ -3547,9 +3567,9 @@ test_openvex(_) -> test_openvex_branched_otp_tree() -> - {VexPath, Branch, VexStmts} = setup_openvex_test(), + {_VexPath, Branch, VexStmts} = setup_openvex_test(), CVEs = fixup_openvex_branched_otp_tree(), - Result = calculate_statements_from_cves(VexStmts, CVEs, Branch, VexPath), + Result = calculate_statements_from_cves(VexStmts, CVEs, Branch), Expected = [~"vexctl add --in-place otp-23.openvex.json --product='pkg:github/erlang/otp@OTP-23.0,pkg:github/erlang/otp@OTP-23.0.1,pkg:github/erlang/otp@OTP-23.0.2,pkg:github/erlang/otp@OTP-23.0.3,pkg:github/erlang/otp@OTP-23.0.4,pkg:otp/ssl@10.0,pkg:github/erlang/otp@OTP-23.1,pkg:github/erlang/otp@OTP-23.1.1,pkg:github/erlang/otp@OTP-23.1.2,pkg:github/erlang/otp@OTP-23.1.3,pkg:github/erlang/otp@OTP-23.1.4,pkg:github/erlang/otp@OTP-23.1.4.1,pkg:github/erlang/otp@OTP-23.1.5,pkg:otp/ssl@10.1,pkg:github/erlang/otp@OTP-23.2,pkg:github/erlang/otp@OTP-23.2.1,pkg:otp/ssl@10.2,pkg:github/erlang/otp@OTP-23.2.2,pkg:github/erlang/otp@OTP-23.2.3,pkg:otp/ssl@10.2.1,pkg:github/erlang/otp@OTP-23.2.4,pkg:otp/ssl@10.2.2,pkg:github/erlang/otp@OTP-23.2.5,pkg:github/erlang/otp@OTP-23.2.6,pkg:otp/ssl@10.2.3,pkg:github/erlang/otp@OTP-23.2.7,pkg:otp/ssl@10.2.4,pkg:github/erlang/otp@OTP-23.2.7.1,pkg:otp/ssl@10.2.4.1,pkg:github/erlang/otp@OTP-23.2.7.2,pkg:github/erlang/otp@OTP-23.2.7.3,pkg:otp/ssl@10.2.4.2,pkg:github/erlang/otp@OTP-23.2.7.4,pkg:otp/ssl@10.2.4.3,pkg:github/erlang/otp@OTP-23.2.7.5,pkg:otp/ssl@10.2.4.4,pkg:github/erlang/otp@OTP-23.3,pkg:github/erlang/otp@OTP-23.3.1,pkg:otp/ssl@10.3,pkg:github/erlang/otp@OTP-23.3.2,pkg:github/erlang/otp@OTP-23.3.3,pkg:github/erlang/otp@OTP-23.3.4,pkg:github/erlang/otp@OTP-23.3.4.1,pkg:otp/ssl@10.3.1,pkg:github/erlang/otp@OTP-23.3.4.2,pkg:github/erlang/otp@OTP-23.3.4.3,pkg:github/erlang/otp@OTP-23.3.4.4,pkg:otp/ssl@10.3.1.1,pkg:github/erlang/otp@OTP-23.3.4.5,pkg:github/erlang/otp@OTP-23.3.4.6,pkg:github/erlang/otp@OTP-23.3.4.7,pkg:github/erlang/otp@OTP-23.3.4.8,pkg:github/erlang/otp@OTP-23.3.4.9,pkg:github/erlang/otp@OTP-23.3.4.10,pkg:github/erlang/otp@OTP-23.3.4.11,pkg:github/erlang/otp@OTP-23.3.4.12,pkg:github/erlang/otp@OTP-23.3.4.13,pkg:github/erlang/otp@OTP-23.3.4.14,pkg:otp/ssl@10.3.1.2,pkg:github/erlang/otp@OTP-23.3.4.15,pkg:otp/ssl@10.3.1.3,pkg:github/erlang/otp@OTP-23.3.4.16,pkg:otp/ssl@10.3.1.4,pkg:github/erlang/otp@OTP-23.3.4.17,pkg:github/erlang/otp@OTP-23.3.4.18,pkg:github/erlang/otp@OTP-23.3.4.19,pkg:github/erlang/otp@OTP-23.3.4.20,pkg:otp/ssl@10.3.1.5' --vuln='F00' --status='under_investigation'\n", ~"vexctl add --in-place otp-23.openvex.json --product='pkg:github/erlang/otp@OTP-26.0,pkg:otp/erts@14.0,pkg:github/erlang/otp@OTP-26.0.1,pkg:otp/erts@14.0.1,pkg:github/erlang/otp@OTP-26.0.2,pkg:otp/erts@14.0.2,pkg:github/erlang/otp@OTP-26.1,pkg:github/erlang/otp@OTP-26.1.1,pkg:otp/erts@14.1,pkg:github/erlang/otp@OTP-26.1.2,pkg:otp/erts@14.1.1,pkg:github/erlang/otp@OTP-26.2,pkg:otp/erts@14.2,pkg:github/erlang/otp@OTP-26.2.1,pkg:otp/erts@14.2.1,pkg:github/erlang/otp@OTP-26.2.2,pkg:otp/erts@14.2.2,pkg:github/erlang/otp@OTP-26.2.3,pkg:otp/erts@14.2.3,pkg:github/erlang/otp@OTP-26.2.4,pkg:otp/erts@14.2.4,pkg:github/erlang/otp@OTP-26.2.5,pkg:otp/erts@14.2.5,pkg:github/erlang/otp@OTP-26.2.5.1,pkg:otp/erts@14.2.5.1,pkg:github/erlang/otp@OTP-26.2.5.2,pkg:otp/erts@14.2.5.2,pkg:github/erlang/otp@OTP-26.2.5.3,pkg:otp/erts@14.2.5.3,pkg:github/erlang/otp@OTP-26.2.5.4,pkg:github/erlang/otp@OTP-26.2.5.5,pkg:otp/erts@14.2.5.4,pkg:github/erlang/otp@OTP-26.2.5.6,pkg:otp/erts@14.2.5.5,pkg:github/erlang/otp@OTP-26.2.5.7,pkg:otp/erts@14.2.5.6,pkg:github/erlang/otp@OTP-26.2.5.8,pkg:otp/erts@14.2.5.7,pkg:github/erlang/otp@OTP-26.2.5.9,pkg:otp/erts@14.2.5.8,pkg:github/erlang/otp@OTP-26.2.5.10,pkg:github/erlang/otp@OTP-26.2.5.11,pkg:otp/erts@14.2.5.9,pkg:github/erlang/otp@OTP-26.2.5.12,pkg:github/erlang/otp@OTP-26.2.5.13,pkg:otp/erts@14.2.5.10,pkg:github/erlang/otp@OTP-26.2.5.14,pkg:github/erlang/otp@OTP-26.2.5.15,pkg:otp/erts@14.2.5.11' --vuln='CVE-2024-4444' --status='not_affected' --justification='vulnerable_code_not_present'\n", @@ -3575,9 +3595,9 @@ test_openvex_branched_otp_tree() -> %% idempotent: script runs once. if run again, no new vex statements are introduced, %% because there was no change. test_openvex_branched_otp_tree_idempotent() -> - {VexPath, Branch, VexStmts} = setup_openvex_test(fixup_openvex_branched_otp_tree_stmts()), + {_VexPath, Branch, VexStmts} = setup_openvex_test(fixup_openvex_branched_otp_tree_stmts()), CVEs = fixup_openvex_branched_otp_tree(), - Result = calculate_statements_from_cves(VexStmts, CVEs, Branch, VexPath), + Result = calculate_statements_from_cves(VexStmts, CVEs, Branch), true = Result == [], ok. diff --git a/vex/otp-26.openvex.json b/vex/otp-26.openvex.json deleted file mode 100644 index a903cf757464..000000000000 --- a/vex/otp-26.openvex.json +++ /dev/null @@ -1,5391 +0,0 @@ -{ - "@context": "https://openvex.dev/ns/v0.2.0", - "@id": "https://erlang.org/download/vex/otp-26.openvex.json", - "author": "vexctl", - "timestamp": "2025-12-18T07:56:11Z", - "last_updated": "2026-04-08T01:38:53.744083384Z", - "version": 69, - "statements": [ - { - "vulnerability": { - "name": "CVE-2024-53846" - }, - "timestamp": "2025-12-18T07:59:27.744629171Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:otp/ssl@11.1" - }, - { - "@id": "pkg:otp/ssl@11.1.1" - }, - { - "@id": "pkg:otp/ssl@11.1.2" - }, - { - "@id": "pkg:otp/ssl@11.1.3" - }, - { - "@id": "pkg:otp/ssl@11.1.4" - }, - { - "@id": "pkg:otp/ssl@11.1.4.1" - }, - { - "@id": "pkg:otp/ssl@11.1.4.2" - }, - { - "@id": "pkg:otp/ssl@11.1.4.3" - }, - { - "@id": "pkg:otp/ssl@11.1.4.4" - }, - { - "@id": "pkg:otp/ssl@11.1.4.5" - } - ], - "status": "affected", - "action_statement": "Update to ssl@11.1.4.6", - "action_statement_timestamp": "2025-12-18T08:59:27.744629171+01:00" - }, - { - "vulnerability": { - "name": "CVE-2024-53846" - }, - "timestamp": "2025-12-18T07:59:27.768002035Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:otp/ssl@11.1.4.6" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-30211" - }, - "timestamp": "2025-12-18T07:59:27.788917359Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:otp/ssh@5.0" - }, - { - "@id": "pkg:otp/ssh@5.0.1" - }, - { - "@id": "pkg:otp/ssh@5.1" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - }, - { - "@id": "pkg:otp/ssh@5.1.2" - }, - { - "@id": "pkg:otp/ssh@5.1.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.1" - }, - { - "@id": "pkg:otp/ssh@5.1.4.2" - }, - { - "@id": "pkg:otp/ssh@5.1.4.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.5" - }, - { - "@id": "pkg:otp/ssh@5.1.4.6" - } - ], - "status": "affected", - "action_statement": "Workaround: set option `parallel_login` to false. Reduce `max_sessions` option.", - "action_statement_timestamp": "2025-12-18T08:59:27.788917359+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-30211" - }, - "timestamp": "2025-12-18T07:59:27.808027623Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:otp/ssh@5.1.4.7" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-4748" - }, - "timestamp": "2025-12-18T07:59:27.826408469Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:otp/stdlib@5.0" - }, - { - "@id": "pkg:otp/stdlib@5.0.1" - }, - { - "@id": "pkg:otp/stdlib@5.0.2" - }, - { - "@id": "pkg:otp/stdlib@5.1" - }, - { - "@id": "pkg:otp/stdlib@5.1.1" - }, - { - "@id": "pkg:otp/stdlib@5.2" - }, - { - "@id": "pkg:otp/stdlib@5.2.1" - }, - { - "@id": "pkg:otp/stdlib@5.2.2" - }, - { - "@id": "pkg:otp/stdlib@5.2.3" - }, - { - "@id": "pkg:otp/stdlib@5.2.3.1" - }, - { - "@id": "pkg:otp/stdlib@5.2.3.2" - }, - { - "@id": "pkg:otp/stdlib@5.2.3.3" - } - ], - "status": "affected", - "action_statement": "Mitigation: Update to pkg:otp/stdlib@5.2.3.4", - "action_statement_timestamp": "2025-12-18T08:59:27.826408469+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-4748" - }, - "timestamp": "2025-12-18T07:59:27.845069578Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:otp/stdlib@5.2.3.4" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-46712" - }, - "timestamp": "2025-12-18T07:59:27.866747279Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - }, - { - "@id": "pkg:otp/ssh@5.1.2" - }, - { - "@id": "pkg:otp/ssh@5.1.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.1" - }, - { - "@id": "pkg:otp/ssh@5.1.4.2" - }, - { - "@id": "pkg:otp/ssh@5.1.4.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.5" - }, - { - "@id": "pkg:otp/ssh@5.1.4.6" - }, - { - "@id": "pkg:otp/ssh@5.1.4.7" - }, - { - "@id": "pkg:otp/ssh@5.1.4.8" - } - ], - "status": "affected", - "action_statement": "Update to the next version", - "action_statement_timestamp": "2025-12-18T08:59:27.866747279+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-46712" - }, - "timestamp": "2025-12-18T07:59:27.885652507Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:otp/ssh@5.1.4.9" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-32433" - }, - "timestamp": "2025-12-18T07:59:27.906444949Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:otp/ssh@5.0" - }, - { - "@id": "pkg:otp/ssh@5.0.1" - }, - { - "@id": "pkg:otp/ssh@5.1" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - }, - { - "@id": "pkg:otp/ssh@5.1.2" - }, - { - "@id": "pkg:otp/ssh@5.1.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.1" - }, - { - "@id": "pkg:otp/ssh@5.1.4.2" - }, - { - "@id": "pkg:otp/ssh@5.1.4.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.5" - }, - { - "@id": "pkg:otp/ssh@5.1.4.6" - }, - { - "@id": "pkg:otp/ssh@5.1.4.7" - } - ], - "status": "affected", - "action_statement": "A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.", - "action_statement_timestamp": "2025-12-18T08:59:27.906444949+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-32433" - }, - "timestamp": "2025-12-18T07:59:27.925598145Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:otp/ssh@5.1.4.8" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-26618" - }, - "timestamp": "2025-12-18T07:59:27.943982861Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:otp/ssh@5.0" - }, - { - "@id": "pkg:otp/ssh@5.0.1" - }, - { - "@id": "pkg:otp/ssh@5.1" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - }, - { - "@id": "pkg:otp/ssh@5.1.2" - }, - { - "@id": "pkg:otp/ssh@5.1.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.1" - }, - { - "@id": "pkg:otp/ssh@5.1.4.2" - }, - { - "@id": "pkg:otp/ssh@5.1.4.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.5" - } - ], - "status": "affected", - "action_statement": "Update to the next version", - "action_statement_timestamp": "2025-12-18T08:59:27.943982861+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-26618" - }, - "timestamp": "2025-12-18T07:59:27.96135029Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:otp/ssh@5.1.4.6" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-4575" - }, - "timestamp": "2025-12-18T07:59:27.978486643Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-4575" - }, - "timestamp": "2025-12-18T07:59:27.995847956Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-9143" - }, - "timestamp": "2025-12-18T07:59:28.014555921Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-9143" - }, - "timestamp": "2025-12-18T07:59:28.03336707Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-6119" - }, - "timestamp": "2025-12-18T07:59:28.051336707Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-6119" - }, - "timestamp": "2025-12-18T07:59:28.068795585Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-5535" - }, - "timestamp": "2025-12-18T07:59:28.087715439Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-5535" - }, - "timestamp": "2025-12-18T07:59:28.107605976Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-4741" - }, - "timestamp": "2025-12-18T07:59:28.130377954Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-4741" - }, - "timestamp": "2025-12-18T07:59:28.150306852Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-4603" - }, - "timestamp": "2025-12-18T07:59:28.171026434Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-4603" - }, - "timestamp": "2025-12-18T07:59:28.188406827Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-2511" - }, - "timestamp": "2025-12-18T07:59:28.207289011Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-2511" - }, - "timestamp": "2025-12-18T07:59:28.226791102Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-13176" - }, - "timestamp": "2025-12-18T07:59:28.247003284Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-13176" - }, - "timestamp": "2025-12-18T07:59:28.267604573Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-0727" - }, - "timestamp": "2025-12-18T07:59:28.290134863Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-0727" - }, - "timestamp": "2025-12-18T07:59:28.313278047Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-6237" - }, - "timestamp": "2025-12-18T07:59:28.340178545Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-6237" - }, - "timestamp": "2025-12-18T07:59:28.364984081Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-6129" - }, - "timestamp": "2025-12-18T07:59:28.388957797Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-6129" - }, - "timestamp": "2025-12-18T07:59:28.412824886Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-45853" - }, - "timestamp": "2025-12-18T07:59:28.437246085Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-45853" - }, - "timestamp": "2025-12-18T07:59:28.461589401Z", - "products": [ - { - "@id": "pkg:github/madler/zlib@04f42ceca40f73e2978b50e93806c2a18c1281fc" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-48038" - }, - "timestamp": "2025-12-18T07:59:28.485125942Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:otp/ssh@5.0" - }, - { - "@id": "pkg:otp/ssh@5.0.1" - }, - { - "@id": "pkg:otp/ssh@5.1" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - }, - { - "@id": "pkg:otp/ssh@5.1.2" - }, - { - "@id": "pkg:otp/ssh@5.1.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.1" - }, - { - "@id": "pkg:otp/ssh@5.1.4.2" - }, - { - "@id": "pkg:otp/ssh@5.1.4.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.5" - }, - { - "@id": "pkg:otp/ssh@5.1.4.6" - }, - { - "@id": "pkg:otp/ssh@5.1.4.7" - }, - { - "@id": "pkg:otp/ssh@5.1.4.8" - }, - { - "@id": "pkg:otp/ssh@5.1.4.9" - }, - { - "@id": "pkg:otp/ssh@5.1.4.10" - }, - { - "@id": "pkg:otp/ssh@5.1.4.11" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.1.4.12", - "action_statement_timestamp": "2025-12-18T08:59:28.485125942+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48038" - }, - "timestamp": "2025-12-18T07:59:28.509545343Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:otp/ssh@5.1.4.12" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-48039" - }, - "timestamp": "2025-12-18T07:59:28.534518979Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:otp/ssh@5.0" - }, - { - "@id": "pkg:otp/ssh@5.0.1" - }, - { - "@id": "pkg:otp/ssh@5.1" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - }, - { - "@id": "pkg:otp/ssh@5.1.2" - }, - { - "@id": "pkg:otp/ssh@5.1.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.1" - }, - { - "@id": "pkg:otp/ssh@5.1.4.2" - }, - { - "@id": "pkg:otp/ssh@5.1.4.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.5" - }, - { - "@id": "pkg:otp/ssh@5.1.4.6" - }, - { - "@id": "pkg:otp/ssh@5.1.4.7" - }, - { - "@id": "pkg:otp/ssh@5.1.4.8" - }, - { - "@id": "pkg:otp/ssh@5.1.4.9" - }, - { - "@id": "pkg:otp/ssh@5.1.4.10" - }, - { - "@id": "pkg:otp/ssh@5.1.4.11" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.1.4.12", - "action_statement_timestamp": "2025-12-18T08:59:28.534518979+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48039" - }, - "timestamp": "2025-12-18T07:59:28.559864342Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:otp/ssh@5.1.4.12" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-48040" - }, - "timestamp": "2025-12-18T07:59:28.585566336Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:otp/ssh@5.0" - }, - { - "@id": "pkg:otp/ssh@5.0.1" - }, - { - "@id": "pkg:otp/ssh@5.1" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - }, - { - "@id": "pkg:otp/ssh@5.1.2" - }, - { - "@id": "pkg:otp/ssh@5.1.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.1" - }, - { - "@id": "pkg:otp/ssh@5.1.4.2" - }, - { - "@id": "pkg:otp/ssh@5.1.4.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.5" - }, - { - "@id": "pkg:otp/ssh@5.1.4.6" - }, - { - "@id": "pkg:otp/ssh@5.1.4.7" - }, - { - "@id": "pkg:otp/ssh@5.1.4.8" - }, - { - "@id": "pkg:otp/ssh@5.1.4.9" - }, - { - "@id": "pkg:otp/ssh@5.1.4.10" - }, - { - "@id": "pkg:otp/ssh@5.1.4.11" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.1.4.12", - "action_statement_timestamp": "2025-12-18T08:59:28.585566336+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48040" - }, - "timestamp": "2025-12-18T07:59:28.611828438Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:otp/ssh@5.1.4.12" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2016-1000107" - }, - "timestamp": "2025-12-18T07:59:28.638873255Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:otp/inets@9.0" - }, - { - "@id": "pkg:otp/inets@9.0.1" - }, - { - "@id": "pkg:otp/inets@9.0.2" - }, - { - "@id": "pkg:otp/inets@9.1" - }, - { - "@id": "pkg:otp/inets@9.1.0.1" - }, - { - "@id": "pkg:otp/inets@9.1.0.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/inets@9.1.0.3", - "action_statement_timestamp": "2025-12-18T08:59:28.638873255+01:00" - }, - { - "vulnerability": { - "name": "CVE-2016-1000107" - }, - "timestamp": "2025-12-18T07:59:28.664035863Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:otp/inets@9.1.0.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-48041" - }, - "timestamp": "2025-12-18T07:59:28.6883974Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:otp/ssh@5.0" - }, - { - "@id": "pkg:otp/ssh@5.0.1" - }, - { - "@id": "pkg:otp/ssh@5.1" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - }, - { - "@id": "pkg:otp/ssh@5.1.2" - }, - { - "@id": "pkg:otp/ssh@5.1.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.1" - }, - { - "@id": "pkg:otp/ssh@5.1.4.2" - }, - { - "@id": "pkg:otp/ssh@5.1.4.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.5" - }, - { - "@id": "pkg:otp/ssh@5.1.4.6" - }, - { - "@id": "pkg:otp/ssh@5.1.4.7" - }, - { - "@id": "pkg:otp/ssh@5.1.4.8" - }, - { - "@id": "pkg:otp/ssh@5.1.4.9" - }, - { - "@id": "pkg:otp/ssh@5.1.4.10" - }, - { - "@id": "pkg:otp/ssh@5.1.4.11" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.1.4.12", - "action_statement_timestamp": "2025-12-18T08:59:28.6883974+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48041" - }, - "timestamp": "2025-12-18T07:59:28.710579648Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:otp/ssh@5.1.4.12" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2023-48795" - }, - "timestamp": "2025-12-18T07:59:28.733671065Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:otp/ssh@5.0" - }, - { - "@id": "pkg:otp/ssh@5.0.1" - }, - { - "@id": "pkg:otp/ssh@5.1" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.1.1", - "action_statement_timestamp": "2025-12-18T08:59:28.733671065+01:00" - }, - { - "vulnerability": { - "name": "CVE-2023-48795" - }, - "timestamp": "2025-12-18T07:59:28.75955561Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-22184" - }, - "timestamp": "2026-01-19T11:49:19.009873564Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-22184" - }, - "timestamp": "2026-01-19T11:49:19.033565398Z", - "products": [ - { - "@id": "pkg:github/madler/zlib@04f42ceca40f73e2978b50e93806c2a18c1281fc" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-5678" - }, - "timestamp": "2026-02-10T10:33:17.064240928Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erl_interface@5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erl_interface@5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erl_interface@5.5.1" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-5678" - }, - "timestamp": "2026-02-10T10:33:17.112489086Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-21620" - }, - "timestamp": "2026-02-21T01:37:01.059834886Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/tftp@1.1" - }, - { - "@id": "pkg:otp/tftp@1.1.1" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/tftp@1.1.1.1", - "action_statement_timestamp": "2026-02-21T01:37:01.059834886Z" - }, - { - "vulnerability": { - "name": "CVE-2026-21620" - }, - "timestamp": "2026-02-21T01:37:01.079082565Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.17" - }, - { - "@id": "pkg:otp/tftp@1.1.1.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-27171" - }, - "timestamp": "2026-02-24T14:43:02.620634025+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.17" - }, - { - "@id": "pkg:otp/erts@14.2.5.13" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2026-27171" - }, - "timestamp": "2026-02-24T14:43:02.640056422+01:00", - "products": [ - { - "@id": "pkg:github/madler/zlib@04f42ceca40f73e2978b50e93806c2a18c1281fc" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2026-23941" - }, - "timestamp": "2026-03-14T01:37:46.771889953Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.17" - }, - { - "@id": "pkg:otp/inets@9.0" - }, - { - "@id": "pkg:otp/inets@9.0.1" - }, - { - "@id": "pkg:otp/inets@9.0.2" - }, - { - "@id": "pkg:otp/inets@9.1" - }, - { - "@id": "pkg:otp/inets@9.1.0.1" - }, - { - "@id": "pkg:otp/inets@9.1.0.2" - }, - { - "@id": "pkg:otp/inets@9.1.0.3" - }, - { - "@id": "pkg:otp/inets@9.1.0.4" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/inets@9.1.0.5", - "action_statement_timestamp": "2026-03-14T01:37:46.771889953Z" - }, - { - "vulnerability": { - "name": "CVE-2026-23941" - }, - "timestamp": "2026-03-14T01:37:46.791199549Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.18" - }, - { - "@id": "pkg:otp/inets@9.1.0.5" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-23943" - }, - "timestamp": "2026-03-14T01:37:46.81113613Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.17" - }, - { - "@id": "pkg:otp/ssh@5.0" - }, - { - "@id": "pkg:otp/ssh@5.0.1" - }, - { - "@id": "pkg:otp/ssh@5.1" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - }, - { - "@id": "pkg:otp/ssh@5.1.2" - }, - { - "@id": "pkg:otp/ssh@5.1.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.1" - }, - { - "@id": "pkg:otp/ssh@5.1.4.2" - }, - { - "@id": "pkg:otp/ssh@5.1.4.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.5" - }, - { - "@id": "pkg:otp/ssh@5.1.4.6" - }, - { - "@id": "pkg:otp/ssh@5.1.4.7" - }, - { - "@id": "pkg:otp/ssh@5.1.4.8" - }, - { - "@id": "pkg:otp/ssh@5.1.4.9" - }, - { - "@id": "pkg:otp/ssh@5.1.4.10" - }, - { - "@id": "pkg:otp/ssh@5.1.4.11" - }, - { - "@id": "pkg:otp/ssh@5.1.4.12" - }, - { - "@id": "pkg:otp/ssh@5.1.4.13" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.1.4.14", - "action_statement_timestamp": "2026-03-14T01:37:46.81113613Z" - }, - { - "vulnerability": { - "name": "CVE-2026-23943" - }, - "timestamp": "2026-03-14T01:37:46.831151286Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.18" - }, - { - "@id": "pkg:otp/ssh@5.1.4.14" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-23942" - }, - "timestamp": "2026-03-14T01:37:46.851717397Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.17" - }, - { - "@id": "pkg:otp/ssh@5.0" - }, - { - "@id": "pkg:otp/ssh@5.0.1" - }, - { - "@id": "pkg:otp/ssh@5.1" - }, - { - "@id": "pkg:otp/ssh@5.1.1" - }, - { - "@id": "pkg:otp/ssh@5.1.2" - }, - { - "@id": "pkg:otp/ssh@5.1.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.1" - }, - { - "@id": "pkg:otp/ssh@5.1.4.2" - }, - { - "@id": "pkg:otp/ssh@5.1.4.3" - }, - { - "@id": "pkg:otp/ssh@5.1.4.4" - }, - { - "@id": "pkg:otp/ssh@5.1.4.5" - }, - { - "@id": "pkg:otp/ssh@5.1.4.6" - }, - { - "@id": "pkg:otp/ssh@5.1.4.7" - }, - { - "@id": "pkg:otp/ssh@5.1.4.8" - }, - { - "@id": "pkg:otp/ssh@5.1.4.9" - }, - { - "@id": "pkg:otp/ssh@5.1.4.10" - }, - { - "@id": "pkg:otp/ssh@5.1.4.11" - }, - { - "@id": "pkg:otp/ssh@5.1.4.12" - }, - { - "@id": "pkg:otp/ssh@5.1.4.13" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.1.4.14", - "action_statement_timestamp": "2026-03-14T01:37:46.851717397Z" - }, - { - "vulnerability": { - "name": "CVE-2026-23942" - }, - "timestamp": "2026-03-14T01:37:46.870560752Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.18" - }, - { - "@id": "pkg:otp/ssh@5.1.4.14" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-3381" - }, - "timestamp": "2026-03-16T09:49:48.005674087+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:otp/erts@14.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:otp/erts@14.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:otp/erts@14.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:otp/erts@14.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:otp/erts@14.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:otp/erts@14.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:otp/erts@14.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:otp/erts@14.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:otp/erts@14.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:otp/erts@14.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:otp/erts@14.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:otp/erts@14.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:otp/erts@14.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:otp/erts@14.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:otp/erts@14.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:otp/erts@14.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:otp/erts@14.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:otp/erts@14.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:otp/erts@14.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:otp/erts@14.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:otp/erts@14.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:otp/erts@14.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:otp/erts@14.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.17" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.18" - }, - { - "@id": "pkg:otp/erts@14.2.5.13" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2026-3381" - }, - "timestamp": "2026-03-16T09:49:48.027999039+01:00", - "products": [ - { - "@id": "pkg:github/madler/zlib@04f42ceca40f73e2978b50e93806c2a18c1281fc" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2026-28808" - }, - "timestamp": "2026-04-08T01:38:53.68405616Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.17" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.18" - }, - { - "@id": "pkg:otp/inets@9.0" - }, - { - "@id": "pkg:otp/inets@9.0.1" - }, - { - "@id": "pkg:otp/inets@9.0.2" - }, - { - "@id": "pkg:otp/inets@9.1" - }, - { - "@id": "pkg:otp/inets@9.1.0.1" - }, - { - "@id": "pkg:otp/inets@9.1.0.2" - }, - { - "@id": "pkg:otp/inets@9.1.0.3" - }, - { - "@id": "pkg:otp/inets@9.1.0.4" - }, - { - "@id": "pkg:otp/inets@9.1.0.5" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/inets@9.1.0.6", - "action_statement_timestamp": "2026-04-08T01:38:53.68405616Z" - }, - { - "vulnerability": { - "name": "CVE-2026-28808" - }, - "timestamp": "2026-04-08T01:38:53.703680808Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.19" - }, - { - "@id": "pkg:otp/inets@9.1.0.6" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-28810" - }, - "timestamp": "2026-04-08T01:38:53.724406829Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.11" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.13" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.14" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.15" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.16" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.17" - }, - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.18" - }, - { - "@id": "pkg:otp/kernel@9.0" - }, - { - "@id": "pkg:otp/kernel@9.0.1" - }, - { - "@id": "pkg:otp/kernel@9.0.2" - }, - { - "@id": "pkg:otp/kernel@9.1" - }, - { - "@id": "pkg:otp/kernel@9.2" - }, - { - "@id": "pkg:otp/kernel@9.2.1" - }, - { - "@id": "pkg:otp/kernel@9.2.2" - }, - { - "@id": "pkg:otp/kernel@9.2.3" - }, - { - "@id": "pkg:otp/kernel@9.2.4" - }, - { - "@id": "pkg:otp/kernel@9.2.4.1" - }, - { - "@id": "pkg:otp/kernel@9.2.4.2" - }, - { - "@id": "pkg:otp/kernel@9.2.4.3" - }, - { - "@id": "pkg:otp/kernel@9.2.4.4" - }, - { - "@id": "pkg:otp/kernel@9.2.4.5" - }, - { - "@id": "pkg:otp/kernel@9.2.4.6" - }, - { - "@id": "pkg:otp/kernel@9.2.4.7" - }, - { - "@id": "pkg:otp/kernel@9.2.4.8" - }, - { - "@id": "pkg:otp/kernel@9.2.4.9" - }, - { - "@id": "pkg:otp/kernel@9.2.4.10" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/kernel@9.2.4.11", - "action_statement_timestamp": "2026-04-08T01:38:53.724406829Z" - }, - { - "vulnerability": { - "name": "CVE-2026-28810" - }, - "timestamp": "2026-04-08T01:38:53.744084115Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-26.2.5.19" - }, - { - "@id": "pkg:otp/kernel@9.2.4.11" - } - ], - "status": "fixed" - } - ] -} diff --git a/vex/otp-26.openvex.json.license b/vex/otp-26.openvex.json.license deleted file mode 100644 index 1ea854fee3f9..000000000000 --- a/vex/otp-26.openvex.json.license +++ /dev/null @@ -1,7 +0,0 @@ -%CopyrightBegin% - -SPDX-License-Identifier: Apache-2.0 - -Copyright Ericsson AB 2025. All Rights Reserved. - -%CopyrightEnd% diff --git a/vex/otp-27.openvex.json b/vex/otp-27.openvex.json deleted file mode 100644 index ec0d9c48f8d8..000000000000 --- a/vex/otp-27.openvex.json +++ /dev/null @@ -1,5122 +0,0 @@ -{ - "@context": "https://openvex.dev/ns/v0.2.0", - "@id": "https://erlang.org/download/vex/otp-27.openvex.json", - "author": "vexctl", - "timestamp": "2025-12-01T14:56:28Z", - "last_updated": "2026-06-03T14:23:12.507336823Z", - "version": 79, - "statements": [ - { - "vulnerability": { - "name": "CVE-2024-53846" - }, - "timestamp": "2025-12-01T14:58:04.676135893Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:otp/ssl@11.2" - }, - { - "@id": "pkg:otp/ssl@11.2.1" - }, - { - "@id": "pkg:otp/ssl@11.2.2" - }, - { - "@id": "pkg:otp/ssl@11.2.3" - }, - { - "@id": "pkg:otp/ssl@11.2.4" - } - ], - "status": "affected", - "action_statement": "Update to ssl@11.2.5", - "action_statement_timestamp": "2025-12-01T15:58:04.676135893+01:00" - }, - { - "vulnerability": { - "name": "CVE-2024-53846" - }, - "timestamp": "2025-12-01T14:58:04.701737024Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:otp/ssl@11.2.5" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-30211" - }, - "timestamp": "2025-12-01T14:58:04.727733703Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - }, - { - "@id": "pkg:otp/ssh@5.2.8" - } - ], - "status": "affected", - "action_statement": "Workaround: set option `parallel_login` to false. Reduce `max_sessions` option.", - "action_statement_timestamp": "2025-12-01T15:58:04.727733703+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-30211" - }, - "timestamp": "2025-12-01T14:58:04.754191758Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:otp/ssh@5.2.9" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-4748" - }, - "timestamp": "2025-12-01T14:58:04.781290272Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:otp/stdlib@6.0" - }, - { - "@id": "pkg:otp/stdlib@6.0.1" - }, - { - "@id": "pkg:otp/stdlib@6.1" - }, - { - "@id": "pkg:otp/stdlib@6.1.1" - }, - { - "@id": "pkg:otp/stdlib@6.1.2" - }, - { - "@id": "pkg:otp/stdlib@6.2" - }, - { - "@id": "pkg:otp/stdlib@6.2.1" - }, - { - "@id": "pkg:otp/stdlib@6.2.2" - } - ], - "status": "affected", - "action_statement": "Mitigation: Update to pkg:otp/stdlib@6.2.2.1", - "action_statement_timestamp": "2025-12-01T15:58:04.781290272+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-4748" - }, - "timestamp": "2025-12-01T14:58:04.807220844Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:otp/stdlib@6.2.2.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-46712" - }, - "timestamp": "2025-12-01T14:58:04.831658376Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - }, - { - "@id": "pkg:otp/ssh@5.2.8" - }, - { - "@id": "pkg:otp/ssh@5.2.9" - }, - { - "@id": "pkg:otp/ssh@5.2.10" - } - ], - "status": "affected", - "action_statement": "Update to ssh@5.2.11", - "action_statement_timestamp": "2025-12-01T15:58:04.831658376+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-46712" - }, - "timestamp": "2025-12-01T14:58:04.856333805Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:otp/ssh@5.2.11" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-26618" - }, - "timestamp": "2025-12-01T14:58:04.882662124Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - } - ], - "status": "affected", - "action_statement": "Update to the next version", - "action_statement_timestamp": "2025-12-01T15:58:04.882662124+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-26618" - }, - "timestamp": "2025-12-01T14:58:04.907576879Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-4575" - }, - "timestamp": "2025-12-01T14:58:04.932616918Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-4575" - }, - "timestamp": "2025-12-01T14:58:04.957167441Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-9143" - }, - "timestamp": "2025-12-01T14:58:04.983234466Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-9143" - }, - "timestamp": "2025-12-01T14:58:05.009435098Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-6119" - }, - "timestamp": "2025-12-01T14:58:05.036687328Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-6119" - }, - "timestamp": "2025-12-01T14:58:05.064139567Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-5535" - }, - "timestamp": "2025-12-01T14:58:05.091224128Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-5535" - }, - "timestamp": "2025-12-01T14:58:05.116158511Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-4741" - }, - "timestamp": "2025-12-01T14:58:05.14290614Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-4741" - }, - "timestamp": "2025-12-01T14:58:05.169815167Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-4603" - }, - "timestamp": "2025-12-01T14:58:05.196616098Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-4603" - }, - "timestamp": "2025-12-01T14:58:05.223672612Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-2511" - }, - "timestamp": "2025-12-01T14:58:05.249808322Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-2511" - }, - "timestamp": "2025-12-01T14:58:05.275428485Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-13176" - }, - "timestamp": "2025-12-01T14:58:05.302915294Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-13176" - }, - "timestamp": "2025-12-01T14:58:05.329480876Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-0727" - }, - "timestamp": "2025-12-01T14:58:05.356446094Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-0727" - }, - "timestamp": "2025-12-01T14:58:05.382511802Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-6237" - }, - "timestamp": "2025-12-01T14:58:05.412368374Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-6237" - }, - "timestamp": "2025-12-01T14:58:05.439685196Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-6129" - }, - "timestamp": "2025-12-01T14:58:05.469612304Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-6129" - }, - "timestamp": "2025-12-01T14:58:05.496467259Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-45853" - }, - "timestamp": "2025-12-01T14:58:05.524449166Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-45853" - }, - "timestamp": "2025-12-01T14:58:05.551921819Z", - "products": [ - { - "@id": "pkg:github/madler/zlib@04f42ceca40f73e2978b50e93806c2a18c1281fc" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-48038" - }, - "timestamp": "2025-12-01T14:58:05.580498585Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - }, - { - "@id": "pkg:otp/ssh@5.2.8" - }, - { - "@id": "pkg:otp/ssh@5.2.9" - }, - { - "@id": "pkg:otp/ssh@5.2.10" - }, - { - "@id": "pkg:otp/ssh@5.2.11" - }, - { - "@id": "pkg:otp/ssh@5.2.11.1" - }, - { - "@id": "pkg:otp/ssh@5.2.11.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.2.11.3", - "action_statement_timestamp": "2025-12-01T15:58:05.580498585+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48038" - }, - "timestamp": "2025-12-01T14:58:05.608470962Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:otp/ssh@5.2.11.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-48039" - }, - "timestamp": "2025-12-01T14:58:05.636601008Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - }, - { - "@id": "pkg:otp/ssh@5.2.8" - }, - { - "@id": "pkg:otp/ssh@5.2.9" - }, - { - "@id": "pkg:otp/ssh@5.2.10" - }, - { - "@id": "pkg:otp/ssh@5.2.11" - }, - { - "@id": "pkg:otp/ssh@5.2.11.1" - }, - { - "@id": "pkg:otp/ssh@5.2.11.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.2.11.3", - "action_statement_timestamp": "2025-12-01T15:58:05.636601008+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48039" - }, - "timestamp": "2025-12-01T14:58:05.664196691Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:otp/ssh@5.2.11.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-48040" - }, - "timestamp": "2025-12-01T14:58:05.691304202Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - }, - { - "@id": "pkg:otp/ssh@5.2.8" - }, - { - "@id": "pkg:otp/ssh@5.2.9" - }, - { - "@id": "pkg:otp/ssh@5.2.10" - }, - { - "@id": "pkg:otp/ssh@5.2.11" - }, - { - "@id": "pkg:otp/ssh@5.2.11.1" - }, - { - "@id": "pkg:otp/ssh@5.2.11.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.2.11.3", - "action_statement_timestamp": "2025-12-01T15:58:05.691304202+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48040" - }, - "timestamp": "2025-12-01T14:58:05.718530378Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:otp/ssh@5.2.11.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2016-1000107" - }, - "timestamp": "2025-12-01T14:58:05.746801093Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:otp/inets@9.2" - }, - { - "@id": "pkg:otp/inets@9.3" - }, - { - "@id": "pkg:otp/inets@9.3.1" - }, - { - "@id": "pkg:otp/inets@9.3.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/inets@9.3.2.1", - "action_statement_timestamp": "2025-12-01T15:58:05.746801093+01:00" - }, - { - "vulnerability": { - "name": "CVE-2016-1000107" - }, - "timestamp": "2025-12-01T14:58:05.774679617Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:otp/inets@9.3.2.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-48041" - }, - "timestamp": "2025-12-01T14:58:05.803591848Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - }, - { - "@id": "pkg:otp/ssh@5.2.8" - }, - { - "@id": "pkg:otp/ssh@5.2.9" - }, - { - "@id": "pkg:otp/ssh@5.2.10" - }, - { - "@id": "pkg:otp/ssh@5.2.11" - }, - { - "@id": "pkg:otp/ssh@5.2.11.1" - }, - { - "@id": "pkg:otp/ssh@5.2.11.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.2.11.3", - "action_statement_timestamp": "2025-12-01T15:58:05.803591848+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48041" - }, - "timestamp": "2025-12-01T14:58:05.831175442Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:otp/ssh@5.2.11.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-32433" - }, - "timestamp": "2025-12-01T14:58:05.860624884Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - }, - { - "@id": "pkg:otp/ssh@5.2.8" - }, - { - "@id": "pkg:otp/ssh@5.2.9" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.2.10", - "action_statement_timestamp": "2025-12-01T15:58:05.860624884+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-32433" - }, - "timestamp": "2025-12-01T14:58:05.887623095Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:otp/ssh@5.2.10" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-22184" - }, - "timestamp": "2026-01-19T11:49:23.276455753Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-22184" - }, - "timestamp": "2026-01-19T11:49:23.294839878Z", - "products": [ - { - "@id": "pkg:github/madler/zlib@04f42ceca40f73e2978b50e93806c2a18c1281fc" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-5678" - }, - "timestamp": "2026-02-10T10:33:35.32757306Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:otp/erl_interface@5.5.2" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - }, - { - "@id": "pkg:otp/erts@15.2.7.5" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-5678" - }, - "timestamp": "2026-02-10T10:33:35.36215105Z", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-21620" - }, - "timestamp": "2026-02-21T01:36:59.373353194Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:otp/tftp@1.2" - }, - { - "@id": "pkg:otp/tftp@1.2.1" - }, - { - "@id": "pkg:otp/tftp@1.2.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/tftp@1.2.2.1", - "action_statement_timestamp": "2026-02-21T01:36:59.373353194Z" - }, - { - "vulnerability": { - "name": "CVE-2026-21620" - }, - "timestamp": "2026-02-21T01:36:59.392684781Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:otp/tftp@1.2.2.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-27171" - }, - "timestamp": "2026-02-24T14:43:07.930768192+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:otp/erts@15.2.7.6" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2026-27171" - }, - "timestamp": "2026-02-24T14:43:07.94838405+01:00", - "products": [ - { - "@id": "pkg:github/madler/zlib@04f42ceca40f73e2978b50e93806c2a18c1281fc" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2026-23941" - }, - "timestamp": "2026-03-14T01:37:44.5461107Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:otp/inets@9.2" - }, - { - "@id": "pkg:otp/inets@9.3" - }, - { - "@id": "pkg:otp/inets@9.3.1" - }, - { - "@id": "pkg:otp/inets@9.3.2" - }, - { - "@id": "pkg:otp/inets@9.3.2.1" - }, - { - "@id": "pkg:otp/inets@9.3.2.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/inets@9.3.2.3", - "action_statement_timestamp": "2026-03-14T01:37:44.5461107Z" - }, - { - "vulnerability": { - "name": "CVE-2026-23941" - }, - "timestamp": "2026-03-14T01:37:44.565695199Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:otp/inets@9.3.2.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-23943" - }, - "timestamp": "2026-03-14T01:37:44.586552808Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - }, - { - "@id": "pkg:otp/ssh@5.2.8" - }, - { - "@id": "pkg:otp/ssh@5.2.9" - }, - { - "@id": "pkg:otp/ssh@5.2.10" - }, - { - "@id": "pkg:otp/ssh@5.2.11" - }, - { - "@id": "pkg:otp/ssh@5.2.11.1" - }, - { - "@id": "pkg:otp/ssh@5.2.11.2" - }, - { - "@id": "pkg:otp/ssh@5.2.11.3" - }, - { - "@id": "pkg:otp/ssh@5.2.11.4" - }, - { - "@id": "pkg:otp/ssh@5.2.11.5" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.2.11.6", - "action_statement_timestamp": "2026-03-14T01:37:44.586552808Z" - }, - { - "vulnerability": { - "name": "CVE-2026-23943" - }, - "timestamp": "2026-03-14T01:37:44.604688204Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:otp/ssh@5.2.11.6" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-23942" - }, - "timestamp": "2026-03-14T01:37:44.626374081Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - }, - { - "@id": "pkg:otp/ssh@5.2.8" - }, - { - "@id": "pkg:otp/ssh@5.2.9" - }, - { - "@id": "pkg:otp/ssh@5.2.10" - }, - { - "@id": "pkg:otp/ssh@5.2.11" - }, - { - "@id": "pkg:otp/ssh@5.2.11.1" - }, - { - "@id": "pkg:otp/ssh@5.2.11.2" - }, - { - "@id": "pkg:otp/ssh@5.2.11.3" - }, - { - "@id": "pkg:otp/ssh@5.2.11.4" - }, - { - "@id": "pkg:otp/ssh@5.2.11.5" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.2.11.6", - "action_statement_timestamp": "2026-03-14T01:37:44.626374081Z" - }, - { - "vulnerability": { - "name": "CVE-2026-23942" - }, - "timestamp": "2026-03-14T01:37:44.646597794Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:otp/ssh@5.2.11.6" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-3381" - }, - "timestamp": "2026-03-16T09:49:44.16830129+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:otp/erts@15.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:otp/erts@15.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:otp/erts@15.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:otp/erts@15.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:otp/erts@15.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:otp/erts@15.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:otp/erts@15.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:otp/erts@15.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:otp/erts@15.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:otp/erts@15.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:otp/erts@15.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:otp/erts@15.2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:otp/erts@15.2.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:otp/erts@15.2.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:otp/erts@15.2.7.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:otp/erts@15.2.7.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:otp/erts@15.2.7.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:otp/erts@15.2.7.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:otp/erts@15.2.7.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:otp/erts@15.2.7.6" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2026-3381" - }, - "timestamp": "2026-03-16T09:49:44.188088876+01:00", - "products": [ - { - "@id": "pkg:github/madler/zlib@04f42ceca40f73e2978b50e93806c2a18c1281fc" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2026-32144" - }, - "timestamp": "2026-04-08T01:38:51.613294514Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:otp/ssl@11.2" - }, - { - "@id": "pkg:otp/ssl@11.2.1" - }, - { - "@id": "pkg:otp/ssl@11.2.2" - }, - { - "@id": "pkg:otp/ssl@11.2.3" - }, - { - "@id": "pkg:otp/ssl@11.2.4" - }, - { - "@id": "pkg:otp/ssl@11.2.5" - }, - { - "@id": "pkg:otp/ssl@11.2.6" - }, - { - "@id": "pkg:otp/ssl@11.2.7" - }, - { - "@id": "pkg:otp/ssl@11.2.8" - }, - { - "@id": "pkg:otp/ssl@11.2.9" - }, - { - "@id": "pkg:otp/ssl@11.2.10" - }, - { - "@id": "pkg:otp/ssl@11.2.11" - }, - { - "@id": "pkg:otp/ssl@11.2.12" - }, - { - "@id": "pkg:otp/ssl@11.2.12.1" - }, - { - "@id": "pkg:otp/ssl@11.2.12.2" - }, - { - "@id": "pkg:otp/ssl@11.2.12.3" - }, - { - "@id": "pkg:otp/ssl@11.2.12.4" - }, - { - "@id": "pkg:otp/ssl@11.2.12.5" - }, - { - "@id": "pkg:otp/ssl@11.2.12.6" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.2.12.7", - "action_statement_timestamp": "2026-04-08T01:38:51.613294514Z" - }, - { - "vulnerability": { - "name": "CVE-2026-32144" - }, - "timestamp": "2026-04-08T01:38:51.631686796Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" - }, - { - "@id": "pkg:otp/ssl@11.2.12.7" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-32144" - }, - "timestamp": "2026-04-08T01:38:51.651015272Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:otp/public_key@1.16" - }, - { - "@id": "pkg:otp/public_key@1.16.1" - }, - { - "@id": "pkg:otp/public_key@1.16.2" - }, - { - "@id": "pkg:otp/public_key@1.16.3" - }, - { - "@id": "pkg:otp/public_key@1.16.4" - }, - { - "@id": "pkg:otp/public_key@1.17" - }, - { - "@id": "pkg:otp/public_key@1.17.1" - }, - { - "@id": "pkg:otp/public_key@1.17.1.1" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.17.1.2", - "action_statement_timestamp": "2026-04-08T01:38:51.651015272Z" - }, - { - "vulnerability": { - "name": "CVE-2026-32144" - }, - "timestamp": "2026-04-08T01:38:51.668657477Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" - }, - { - "@id": "pkg:otp/public_key@1.17.1.2" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-28808" - }, - "timestamp": "2026-04-08T01:38:51.687981004Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:otp/inets@9.2" - }, - { - "@id": "pkg:otp/inets@9.3" - }, - { - "@id": "pkg:otp/inets@9.3.1" - }, - { - "@id": "pkg:otp/inets@9.3.2" - }, - { - "@id": "pkg:otp/inets@9.3.2.1" - }, - { - "@id": "pkg:otp/inets@9.3.2.2" - }, - { - "@id": "pkg:otp/inets@9.3.2.3" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/inets@9.3.2.4", - "action_statement_timestamp": "2026-04-08T01:38:51.687981004Z" - }, - { - "vulnerability": { - "name": "CVE-2026-28808" - }, - "timestamp": "2026-04-08T01:38:51.706640814Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" - }, - { - "@id": "pkg:otp/inets@9.3.2.4" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-28810" - }, - "timestamp": "2026-04-08T01:38:51.726147493Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:otp/kernel@10.0" - }, - { - "@id": "pkg:otp/kernel@10.0.1" - }, - { - "@id": "pkg:otp/kernel@10.1" - }, - { - "@id": "pkg:otp/kernel@10.1.1" - }, - { - "@id": "pkg:otp/kernel@10.1.2" - }, - { - "@id": "pkg:otp/kernel@10.2" - }, - { - "@id": "pkg:otp/kernel@10.2.1" - }, - { - "@id": "pkg:otp/kernel@10.2.2" - }, - { - "@id": "pkg:otp/kernel@10.2.3" - }, - { - "@id": "pkg:otp/kernel@10.2.4" - }, - { - "@id": "pkg:otp/kernel@10.2.5" - }, - { - "@id": "pkg:otp/kernel@10.2.6" - }, - { - "@id": "pkg:otp/kernel@10.2.7" - }, - { - "@id": "pkg:otp/kernel@10.2.7.1" - }, - { - "@id": "pkg:otp/kernel@10.2.7.2" - }, - { - "@id": "pkg:otp/kernel@10.2.7.3" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/kernel@10.2.7.4", - "action_statement_timestamp": "2026-04-08T01:38:51.726147493Z" - }, - { - "vulnerability": { - "name": "CVE-2026-28810" - }, - "timestamp": "2026-04-08T01:38:51.745196959Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" - }, - { - "@id": "pkg:otp/kernel@10.2.7.4" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-42790" - }, - "timestamp": "2026-06-03T14:23:12.366069003Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.11" - }, - { - "@id": "pkg:otp/public_key@1.16" - }, - { - "@id": "pkg:otp/public_key@1.16.1" - }, - { - "@id": "pkg:otp/public_key@1.16.2" - }, - { - "@id": "pkg:otp/public_key@1.16.3" - }, - { - "@id": "pkg:otp/public_key@1.16.4" - }, - { - "@id": "pkg:otp/public_key@1.17" - }, - { - "@id": "pkg:otp/public_key@1.17.1" - }, - { - "@id": "pkg:otp/public_key@1.17.1.1" - }, - { - "@id": "pkg:otp/public_key@1.17.1.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.17.1.3", - "action_statement_timestamp": "2026-06-03T14:23:12.366069003Z" - }, - { - "vulnerability": { - "name": "CVE-2026-42790" - }, - "timestamp": "2026-06-03T14:23:12.386343277Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.12" - }, - { - "@id": "pkg:otp/public_key@1.17.1.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-42789" - }, - "timestamp": "2026-06-03T14:23:12.407211689Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.11" - }, - { - "@id": "pkg:otp/public_key@1.16" - }, - { - "@id": "pkg:otp/public_key@1.16.1" - }, - { - "@id": "pkg:otp/public_key@1.16.2" - }, - { - "@id": "pkg:otp/public_key@1.16.3" - }, - { - "@id": "pkg:otp/public_key@1.16.4" - }, - { - "@id": "pkg:otp/public_key@1.17" - }, - { - "@id": "pkg:otp/public_key@1.17.1" - }, - { - "@id": "pkg:otp/public_key@1.17.1.1" - }, - { - "@id": "pkg:otp/public_key@1.17.1.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.17.1.3", - "action_statement_timestamp": "2026-06-03T14:23:12.407211689Z" - }, - { - "vulnerability": { - "name": "CVE-2026-42789" - }, - "timestamp": "2026-06-03T14:23:12.426824555Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.12" - }, - { - "@id": "pkg:otp/public_key@1.17.1.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-42791" - }, - "timestamp": "2026-06-03T14:23:12.446959854Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.11" - }, - { - "@id": "pkg:otp/public_key@1.16" - }, - { - "@id": "pkg:otp/public_key@1.16.1" - }, - { - "@id": "pkg:otp/public_key@1.16.2" - }, - { - "@id": "pkg:otp/public_key@1.16.3" - }, - { - "@id": "pkg:otp/public_key@1.16.4" - }, - { - "@id": "pkg:otp/public_key@1.17" - }, - { - "@id": "pkg:otp/public_key@1.17.1" - }, - { - "@id": "pkg:otp/public_key@1.17.1.1" - }, - { - "@id": "pkg:otp/public_key@1.17.1.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.17.1.3", - "action_statement_timestamp": "2026-06-03T14:23:12.446959854Z" - }, - { - "vulnerability": { - "name": "CVE-2026-42791" - }, - "timestamp": "2026-06-03T14:23:12.466918004Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.12" - }, - { - "@id": "pkg:otp/public_key@1.17.1.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-32147" - }, - "timestamp": "2026-06-03T14:23:12.487277139Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.1.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.2.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.7" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.8" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.9" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.10" - }, - { - "@id": "pkg:otp/ssh@5.2" - }, - { - "@id": "pkg:otp/ssh@5.2.1" - }, - { - "@id": "pkg:otp/ssh@5.2.2" - }, - { - "@id": "pkg:otp/ssh@5.2.3" - }, - { - "@id": "pkg:otp/ssh@5.2.4" - }, - { - "@id": "pkg:otp/ssh@5.2.5" - }, - { - "@id": "pkg:otp/ssh@5.2.6" - }, - { - "@id": "pkg:otp/ssh@5.2.7" - }, - { - "@id": "pkg:otp/ssh@5.2.8" - }, - { - "@id": "pkg:otp/ssh@5.2.9" - }, - { - "@id": "pkg:otp/ssh@5.2.10" - }, - { - "@id": "pkg:otp/ssh@5.2.11" - }, - { - "@id": "pkg:otp/ssh@5.2.11.1" - }, - { - "@id": "pkg:otp/ssh@5.2.11.2" - }, - { - "@id": "pkg:otp/ssh@5.2.11.3" - }, - { - "@id": "pkg:otp/ssh@5.2.11.4" - }, - { - "@id": "pkg:otp/ssh@5.2.11.5" - }, - { - "@id": "pkg:otp/ssh@5.2.11.6" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.2.11.7", - "action_statement_timestamp": "2026-06-03T14:23:12.487277139Z" - }, - { - "vulnerability": { - "name": "CVE-2026-32147" - }, - "timestamp": "2026-06-03T14:23:12.507337834Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.12" - }, - { - "@id": "pkg:github/erlang/otp@OTP-27.3.4.11" - }, - { - "@id": "pkg:otp/ssh@5.2.11.7" - } - ], - "status": "fixed" - } - ] -} diff --git a/vex/otp-27.openvex.json.license b/vex/otp-27.openvex.json.license deleted file mode 100644 index 1ea854fee3f9..000000000000 --- a/vex/otp-27.openvex.json.license +++ /dev/null @@ -1,7 +0,0 @@ -%CopyrightBegin% - -SPDX-License-Identifier: Apache-2.0 - -Copyright Ericsson AB 2025. All Rights Reserved. - -%CopyrightEnd% diff --git a/vex/otp-27.openvex.json.sigstore b/vex/otp-27.openvex.json.sigstore deleted file mode 100644 index 0ba3d064a30e..000000000000 --- a/vex/otp-27.openvex.json.sigstore +++ /dev/null @@ -1 +0,0 @@ -{"mediaType":"application/vnd.dev.sigstore.bundle.v0.3+json","verificationMaterial":{"certificate":{"rawBytes":"MIIG9zCCBn2gAwIBAgIUG4zAoFm58meDXEW0d2XhJGtoPpcwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjYwNjAzMTQyNDE2WhcNMjYwNjAzMTQzNDE2WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcCI0xFGE2ZR6F4nZcbWRF0v/hUiHS17lgx4wekr8Aggej7+1kEOzclN/A8Ftm+uTf3Wg2JO8tmHLOqxNqIOA7KOCBZwwggWYMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUCMe2ix0as1jmw1Rrua7F9M1OcRMwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8waAYDVR0RAQH/BF4wXIZaaHR0cHM6Ly9naXRodWIuY29tL2VybGFuZy9vdHAvLmdpdGh1Yi93b3JrZmxvd3Mvc2lnc3RvcmUtdXBkYXRlci55bWxAcmVmcy9wdWxsLzExMTkxL21lcmdlMDkGCisGAQQBg78wAQEEK2h0dHBzOi8vdG9rZW4uYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wGgYKKwYBBAGDvzABAgQMcHVsbF9yZXF1ZXN0MDYGCisGAQQBg78wAQMEKGVjZWU1NzI0M2Y0ODYyNjgxMWYzZDhiYWM3YmY4YzRlNWVlNmRiNDMwIwYKKwYBBAGDvzABBAQVVXBkYXRlIFNpZ3N0b3JlIEZpbGVzMBgGCisGAQQBg78wAQUECmVybGFuZy9vdHAwIwYKKwYBBAGDvzABBgQVcmVmcy9wdWxsLzExMTkxL21lcmdlMDsGCisGAQQBg78wAQgELQwraHR0cHM6Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50LmNvbTBqBgorBgEEAYO/MAEJBFwMWmh0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwLy5naXRodWIvd29ya2Zsb3dzL3NpZ3N0b3JlLXVwZGF0ZXIueW1sQHJlZnMvcHVsbC8xMTE5MS9tZXJnZTA4BgorBgEEAYO/MAEKBCoMKGVjZWU1NzI0M2Y0ODYyNjgxMWYzZDhiYWM3YmY4YzRlNWVlNmRiNDMwHQYKKwYBBAGDvzABCwQPDA1naXRodWItaG9zdGVkMC0GCisGAQQBg78wAQwEHwwdaHR0cHM6Ly9naXRodWIuY29tL2VybGFuZy9vdHAwOAYKKwYBBAGDvzABDQQqDChlY2VlNTcyNDNmNDg2MjY4MTFmM2Q4YmFjN2JmOGM0ZTVlZTZkYjQzMCUGCisGAQQBg78wAQ4EFwwVcmVmcy9wdWxsLzExMTkxL21lcmdlMBYGCisGAQQBg78wAQ8ECAwGMzc0OTI3MCkGCisGAQQBg78wARAEGwwZaHR0cHM6Ly9naXRodWIuY29tL2VybGFuZzAWBgorBgEEAYO/MAERBAgMBjE1MzM5MzBqBgorBgEEAYO/MAESBFwMWmh0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwLy5naXRodWIvd29ya2Zsb3dzL3NpZ3N0b3JlLXVwZGF0ZXIueW1sQHJlZnMvcHVsbC8xMTE5MS9tZXJnZTA4BgorBgEEAYO/MAETBCoMKGVjZWU1NzI0M2Y0ODYyNjgxMWYzZDhiYWM3YmY4YzRlNWVlNmRiNDMwHAYKKwYBBAGDvzABFAQODAxwdWxsX3JlcXVlc3QwUQYKKwYBBAGDvzABFQRDDEFodHRwczovL2dpdGh1Yi5jb20vZXJsYW5nL290cC9hY3Rpb25zL3J1bnMvMjY4OTExNTk1MTYvYXR0ZW1wdHMvMTAWBgorBgEEAYO/MAEWBAgMBnB1YmxpYzAsBgorBgEEAYO/MAEYBB4MHHJlcG86ZXJsYW5nL290cDpwdWxsX3JlcXVlc3QwgYkGCisGAQQB1nkCBAIEewR5AHcAdQDdPTBqxscRMmMZHhyZZzcCokpeuN48rf+HinKALynujgAAAZ6N3udLAAAEAwBGMEQCIHJKE3DAJnl8wByrvIWGcmdkB2ZMdGS3FU0oP/qWD7U5AiBw41nKQAfN33IH3fN3ABvgZbq3C6QzZI5xXh3kJdzqkTAKBggqhkjOPQQDAwNoADBlAjEA7PI/Au8n9De8f7B4M/6mWP7K7E5m16LaS2Wq3t6DAvyVRoUFL3e8v7Hu8q/LJwnGAjA7I/8BE2O1TmR+VQWNh7ajDWT3yvfAARav0d6AK9JX9bisrgsWcQ5z2ueZyf+MGKc="},"tlogEntries":[{"logIndex":"1710277081","logId":{"keyId":"wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="},"kindVersion":{"kind":"dsse","version":"0.0.1"},"integratedTime":"1780496656","inclusionPromise":{"signedEntryTimestamp":"MEYCIQD79YgopD6JzLIidRYsV75bq1rMc2dS9FtN3lfSzPERbwIhAN4wq/xL5/ixJtPhLV43jDa3FxsjqmFFIJwrucb7jMKp"},"inclusionProof":{"logIndex":"1588372819","rootHash":"20TIzgjsxgS8aGDmzJL+zph1VY2bqrWbkQ9coS/yaoc=","treeSize":"1588372828","hashes":["iF2rE088N9KQRrq026IMEgGQHRTud+FNpZyv+J1XgQY=","iEReAFBBsYMfOiqrKLbbdzFBsVOCUjaOw4Ad7JHn0p0=","lXhXGDly5dWd1GDK1zWcMovPxeLsJiNx5hdwDPyRB1g=","axA9VnGlrggdWvqG6zJl+P7+DvXuEDoamoU6nsRxDn8=","pM0GncDQusDxZ40sD17D6h03NfyU3p8do0W5wl+j1oM=","r/AdB81Uj6TGbOXButx6Rs1fqJTifs6uyKgWOgco33Q=","J4xJALDVXMCEZ0/2LaSgwfEM2ragaacMgM80mGwWw/k=","BTohSxWFbLad+xniUwFYTkgEPzpD0sGtgONtSzFOyf0=","vX2O3QNhq34qiBOmXYK03F0QE/0c7Z+eNB3GeQl1YEE=","VhYrv8/yc+MbvPNDU0BS08mfIgcWTdnTHcEZ22mctno=","cNFZMDy1QCvSMhnHQtNIPvnqyNW4t7K9rJtLqwbhWLc=","yAsIiHvLiBOMyoqUseT0lWqlj+t22Gd7GYy0fAFDEPc=","5aNRn+UCc6rfNpt2yb0IDfEWXUURb2UdNqGHuAe0Kuk=","/H9g3cQS0WMzt1xN6KYtWYBC93b9C+BulyABJ6kzvew=","NSkfjqosjcbjuITRR3k++3CKLDql/hao4MUycvdrMXc=","hn+ppu7vwlSCi7W1L5Z750bpAdr+WUAJLSUnb8qLy3k=","r5nn9+mbgUQL4m8neTg/XjYkdf2hD/cvZMsNR/v0cBU=","eT+F471g2HJfd43U4j4L1PIBkt4rLbHQd/pOR/rllO0=","DOCeoSMovIvLExkhIvisow9AuNXgeWs4ECkyR6EcqYU="],"checkpoint":{"envelope":"rekor.sigstore.dev - 1193050959916656506\n1588372828\n20TIzgjsxgS8aGDmzJL+zph1VY2bqrWbkQ9coS/yaoc=\n\nā€” rekor.sigstore.dev wNI9ajBEAiBGGwHdOjFsGk5omhgZpeRco8ySnmR/DuJcwSWzITe1bwIgCQmuL2eZ+a768Y52DGIaT/WWiPbMxgPtbJDDcKSZFZQ=\n"}},"canonicalizedBody":"eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiZHNzZSIsInNwZWMiOnsiZW52ZWxvcGVIYXNoIjp7ImFsZ29yaXRobSI6InNoYTI1NiIsInZhbHVlIjoiYTg1MzA5MmZlYTYxZWI0NmQ1ZTg4OWI4NDYyZmQyZTkxODljYjBjMWMwNjdhZTU4Y2Y3N2MwYWZmYzQ4YmQ1MSJ9LCJwYXlsb2FkSGFzaCI6eyJhbGdvcml0aG0iOiJzaGEyNTYiLCJ2YWx1ZSI6ImE2OTMxNTdhZGMzZDg1MDk4YmMwNmM1ZGQ2NWIyYTc3MDg2MjliYzg3ODhkMDI0NDUxOWQ3NTk3YjNhZDZhMDQifSwic2lnbmF0dXJlcyI6W3sic2lnbmF0dXJlIjoiTUVRQ0lDRjU0cGRMYkFDaXNlZUZsVzBscGJWUjRGTnZicXVSWERRWHYvMlN6MUsxQWlCc1gwTTU1a0lhWUlmVXZ3USsxWFM4SmhWT3ZmYmxkM24wVW5wU0I5U1pCUT09IiwidmVyaWZpZXIiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VjNWVrTkRRbTR5WjBGM1NVSkJaMGxWUnpSNlFXOUdiVFU0YldWRVdFVlhNR1F5V0doS1IzUnZVSEJqZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwWmQwNXFRWHBOVkZGNVRrUkZNbGRvWTA1TmFsbDNUbXBCZWsxVVVYcE9SRVV5VjJwQlFVMUdhM2RGZDFsSUNrdHZXa2w2YWpCRFFWRlpTVXR2V2tsNmFqQkVRVkZqUkZGblFVVmpRMGt3ZUVaSFJUSmFValpHTkc1YVkySlhVa1l3ZGk5b1ZXbElVekUzYkdkNE5IY0taV3R5T0VGbloyVnFOeXN4YTBWUGVtTnNUaTlCT0VaMGJTdDFWR1l6VjJjeVNrODRkRzFJVEU5eGVFNXhTVTlCTjB0UFEwSmFkM2RuWjFkWlRVRTBSd3BCTVZWa1JIZEZRaTkzVVVWQmQwbElaMFJCVkVKblRsWklVMVZGUkVSQlMwSm5aM0pDWjBWR1FsRmpSRUY2UVdSQ1owNVdTRkUwUlVablVWVkRUV1V5Q21sNE1HRnpNV3B0ZHpGU2NuVmhOMFk1VFRGUFkxSk5kMGgzV1VSV1VqQnFRa0puZDBadlFWVXpPVkJ3ZWpGWmEwVmFZalZ4VG1wd1MwWlhhWGhwTkZrS1drUTRkMkZCV1VSV1VqQlNRVkZJTDBKR05IZFlTVnBoWVVoU01HTklUVFpNZVRsdVlWaFNiMlJYU1hWWk1qbDBUREpXZVdKSFJuVmFlVGwyWkVoQmRncE1iV1J3WkVkb01WbHBPVE5pTTBweVdtMTRkbVF6VFhaak1teHVZek5TZG1OdFZYUmtXRUpyV1ZoU2JHTnBOVFZpVjNoQlkyMVdiV041T1hka1YzaHpDa3g2UlhoTlZHdDRUREl4YkdOdFpHeE5SR3RIUTJselIwRlJVVUpuTnpoM1FWRkZSVXN5YURCa1NFSjZUMms0ZG1SSE9YSmFWelIxV1ZkT01HRlhPWFVLWTNrMWJtRllVbTlrVjBveFl6SldlVmt5T1hWa1IxWjFaRU0xYW1JeU1IZEhaMWxMUzNkWlFrSkJSMFIyZWtGQ1FXZFJUV05JVm5OaVJqbDVXbGhHTVFwYVdFNHdUVVJaUjBOcGMwZEJVVkZDWnpjNGQwRlJUVVZMUjFacVdsZFZNVTU2U1RCTk1sa3dUMFJaZVU1cVozaE5WMWw2V2tSb2FWbFhUVE5aYlZrMENsbDZVbXhPVjFac1RtMVNhVTVFVFhkSmQxbExTM2RaUWtKQlIwUjJla0ZDUWtGUlZsWllRbXRaV0ZKc1NVWk9jRm96VGpCaU0wcHNTVVZhY0dKSFZub0tUVUpuUjBOcGMwZEJVVkZDWnpjNGQwRlJWVVZEYlZaNVlrZEdkVnA1T1haa1NFRjNTWGRaUzB0M1dVSkNRVWRFZG5wQlFrSm5VVlpqYlZadFkzazVkd3BrVjNoelRIcEZlRTFVYTNoTU1qRnNZMjFrYkUxRWMwZERhWE5IUVZGUlFtYzNPSGRCVVdkRlRGRjNjbUZJVWpCalNFMDJUSGs1TUdJeWRHeGlhVFZvQ2xrelVuQmlNalY2VEcxa2NHUkhhREZaYmxaNldsaEthbUl5TlRCYVZ6VXdURzFPZG1KVVFuRkNaMjl5UW1kRlJVRlpUeTlOUVVWS1FrWjNUVmR0YURBS1pFaENlazlwT0haYU1td3dZVWhXYVV4dFRuWmlVemxzWTIxNGFHSnRZM1ppTTFKM1RIazFibUZZVW05a1YwbDJaREk1ZVdFeVduTmlNMlI2VEROT2NBcGFNMDR3WWpOS2JFeFlWbmRhUjBZd1dsaEpkV1ZYTVhOUlNFcHNXbTVOZG1OSVZuTmlRemg0VFZSRk5VMVRPWFJhV0VwdVdsUkJORUpuYjNKQ1owVkZDa0ZaVHk5TlFVVkxRa052VFV0SFZtcGFWMVV4VG5wSk1FMHlXVEJQUkZsNVRtcG5lRTFYV1hwYVJHaHBXVmROTTFsdFdUUlplbEpzVGxkV2JFNXRVbWtLVGtSTmQwaFJXVXRMZDFsQ1FrRkhSSFo2UVVKRGQxRlFSRUV4Ym1GWVVtOWtWMGwwWVVjNWVtUkhWbXROUXpCSFEybHpSMEZSVVVKbk56aDNRVkYzUlFwSWQzZGtZVWhTTUdOSVRUWk1lVGx1WVZoU2IyUlhTWFZaTWpsMFRESldlV0pIUm5WYWVUbDJaRWhCZDA5QldVdExkMWxDUWtGSFJIWjZRVUpFVVZGeENrUkRhR3haTWxac1RsUmplVTVFVG0xT1JHY3lUV3BaTkUxVVJtMU5NbEUwV1cxR2FrNHlTbTFQUjAwd1dsUldiRnBVV210WmFsRjZUVU5WUjBOcGMwY0tRVkZSUW1jM09IZEJVVFJGUm5kM1ZtTnRWbTFqZVRsM1pGZDRjMHg2UlhoTlZHdDRUREl4YkdOdFpHeE5RbGxIUTJselIwRlJVVUpuTnpoM1FWRTRSUXBEUVhkSFRYcGpNRTlVU1ROTlEydEhRMmx6UjBGUlVVSm5OemgzUVZKQlJVZDNkMXBoU0ZJd1kwaE5Oa3g1T1c1aFdGSnZaRmRKZFZreU9YUk1NbFo1Q21KSFJuVmFla0ZYUW1kdmNrSm5SVVZCV1U4dlRVRkZVa0pCWjAxQ2FrVXhUWHBOTlUxNlFuRkNaMjl5UW1kRlJVRlpUeTlOUVVWVFFrWjNUVmR0YURBS1pFaENlazlwT0haYU1td3dZVWhXYVV4dFRuWmlVemxzWTIxNGFHSnRZM1ppTTFKM1RIazFibUZZVW05a1YwbDJaREk1ZVdFeVduTmlNMlI2VEROT2NBcGFNMDR3WWpOS2JFeFlWbmRhUjBZd1dsaEpkV1ZYTVhOUlNFcHNXbTVOZG1OSVZuTmlRemg0VFZSRk5VMVRPWFJhV0VwdVdsUkJORUpuYjNKQ1owVkZDa0ZaVHk5TlFVVlVRa052VFV0SFZtcGFWMVV4VG5wSk1FMHlXVEJQUkZsNVRtcG5lRTFYV1hwYVJHaHBXVmROTTFsdFdUUlplbEpzVGxkV2JFNXRVbWtLVGtSTmQwaEJXVXRMZDFsQ1FrRkhSSFo2UVVKR1FWRlBSRUY0ZDJSWGVITllNMHBzWTFoV2JHTXpVWGRWVVZsTFMzZFpRa0pCUjBSMmVrRkNSbEZTUkFwRVJVWnZaRWhTZDJONmIzWk1NbVJ3WkVkb01WbHBOV3BpTWpCMldsaEtjMWxYTlc1TU1qa3dZME01YUZrelVuQmlNalY2VEROS01XSnVUWFpOYWxrMENrOVVSWGhPVkdzeFRWUlpkbGxZVWpCYVZ6RjNaRWhOZGsxVVFWZENaMjl5UW1kRlJVRlpUeTlOUVVWWFFrRm5UVUp1UWpGWmJYaHdXWHBCYzBKbmIzSUtRbWRGUlVGWlR5OU5RVVZaUWtJMFRVaElTbXhqUnpnMldsaEtjMWxYTlc1TU1qa3dZMFJ3ZDJSWGVITllNMHBzWTFoV2JHTXpVWGRuV1d0SFEybHpSd3BCVVZGQ01XNXJRMEpCU1VWbGQxSTFRVWhqUVdSUlJHUlFWRUp4ZUhOalVrMXRUVnBJYUhsYVducGpRMjlyY0dWMVRqUTRjbVlyU0dsdVMwRk1lVzUxQ21wblFVRkJXalpPTTNWa1RFRkJRVVZCZDBKSFRVVlJRMGxJU2t0Rk0wUkJTbTVzT0hkQ2VYSjJTVmRIWTIxa2EwSXlXazFrUjFNelJsVXdiMUF2Y1ZjS1JEZFZOVUZwUW5jME1XNUxVVUZtVGpNelNVZ3paazR6UVVKMloxcGljVE5ETmxGNldrazFlRmhvTTJ0S1pIcHhhMVJCUzBKblozRm9hMnBQVUZGUlJBcEJkMDV2UVVSQ2JFRnFSVUUzVUVrdlFYVTRiamxFWlRobU4wSTBUUzgyYlZkUU4wczNSVFZ0TVRaTVlWTXlWM0V6ZERaRVFYWjVWbEp2VlVaTU0yVTRDblkzU0hVNGNTOU1TbmR1UjBGcVFUZEpMemhDUlRKUE1WUnRVaXRXVVZkT2FEZGhha1JYVkRONWRtWkJRVkpoZGpCa05rRkxPVXBZT1dKcGMzSm5jMWNLWTFFMWVqSjFaVnA1Wml0TlIwdGpQUW90TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09In1dfX0="}],"timestampVerificationData":{}},"dsseEnvelope":{"payload":"eyJfdHlwZSI6Imh0dHBzOi8vaW4tdG90by5pby9TdGF0ZW1lbnQvdjEiLCJzdWJqZWN0IjpbeyJuYW1lIjoib3RwLTI2Lm9wZW52ZXguanNvbiIsImRpZ2VzdCI6eyJzaGEyNTYiOiI5N2M1ZDBmOGNiMzU5OTYzMGEwZjU0NDQzYTRmNzU5NjlhMjFlOGQ4ZmI5OTRjZjM1Yzk0YmQyYzk3MDA5M2JhIn19LHsibmFtZSI6Im90cC0yNy5vcGVudmV4Lmpzb24iLCJkaWdlc3QiOnsic2hhMjU2IjoiZmEwMTQxM2FiZTk4NThkODk2YjIzMjAyNWViMDJlZDMwNGYyNzRhZTA4MTMyNGE1MTAzZWQ4ODlhOGI4MGE2NCJ9fSx7Im5hbWUiOiJvdHAtMjgub3BlbnZleC5qc29uIiwiZGlnZXN0Ijp7InNoYTI1NiI6ImNkMjZjYzU5Yzg3OTdhZmEyOWZhNzFkMGJhMjU4ZGRkMTEzYWMxM2I4NTY4ZGU1Y2EyNTc0MTY1NTg2ZjYyYTEifX0seyJuYW1lIjoib3RwLTI5Lm9wZW52ZXguanNvbiIsImRpZ2VzdCI6eyJzaGEyNTYiOiJmMDVkNjY3YzhjYzkxYjc4MzNlZGZlYmE0NjE5OTViYmU3NDI1NmUyYmYyNGZiMzI5NDFhMzIxNzQ0MzkwZGM5In19XSwicHJlZGljYXRlVHlwZSI6Imh0dHBzOi8vc2xzYS5kZXYvcHJvdmVuYW5jZS92MSIsInByZWRpY2F0ZSI6eyJidWlsZERlZmluaXRpb24iOnsiYnVpbGRUeXBlIjoiaHR0cHM6Ly9hY3Rpb25zLmdpdGh1Yi5pby9idWlsZHR5cGVzL3dvcmtmbG93L3YxIiwiZXh0ZXJuYWxQYXJhbWV0ZXJzIjp7IndvcmtmbG93Ijp7InJlZiI6InJlZnMvcHVsbC8xMTE5MS9tZXJnZSIsInJlcG9zaXRvcnkiOiJodHRwczovL2dpdGh1Yi5jb20vZXJsYW5nL290cCIsInBhdGgiOiIuZ2l0aHViL3dvcmtmbG93cy9zaWdzdG9yZS11cGRhdGVyLnltbCJ9fSwiaW50ZXJuYWxQYXJhbWV0ZXJzIjp7ImdpdGh1YiI6eyJldmVudF9uYW1lIjoicHVsbF9yZXF1ZXN0IiwicmVwb3NpdG9yeV9pZCI6IjM3NDkyNyIsInJlcG9zaXRvcnlfb3duZXJfaWQiOiIxNTMzOTMiLCJydW5uZXJfZW52aXJvbm1lbnQiOiJnaXRodWItaG9zdGVkIn19LCJyZXNvbHZlZERlcGVuZGVuY2llcyI6W3sidXJpIjoiZ2l0K2h0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwQHJlZnMvcHVsbC8xMTE5MS9tZXJnZSIsImRpZ2VzdCI6eyJnaXRDb21taXQiOiJlY2VlNTcyNDNmNDg2MjY4MTFmM2Q4YmFjN2JmOGM0ZTVlZTZkYjQzIn19XX0sInJ1bkRldGFpbHMiOnsiYnVpbGRlciI6eyJpZCI6Imh0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwLy5naXRodWIvd29ya2Zsb3dzL3NpZ3N0b3JlLXVwZGF0ZXIueW1sQHJlZnMvcHVsbC8xMTE5MS9tZXJnZSJ9LCJtZXRhZGF0YSI6eyJpbnZvY2F0aW9uSWQiOiJodHRwczovL2dpdGh1Yi5jb20vZXJsYW5nL290cC9hY3Rpb25zL3J1bnMvMjY4OTExNTk1MTYvYXR0ZW1wdHMvMSJ9fX19","payloadType":"application/vnd.in-toto+json","signatures":[{"sig":"MEQCICF54pdLbACiseeFlW0lpbVR4FNvbquRXDQXv/2Sz1K1AiBsX0M55kIaYIfUvwQ+1XS8JhVOvfbld3n0UnpSB9SZBQ=="}]}} diff --git a/vex/otp-27.openvex.json.sigstore.license b/vex/otp-27.openvex.json.sigstore.license deleted file mode 100644 index 36976e9b8949..000000000000 --- a/vex/otp-27.openvex.json.sigstore.license +++ /dev/null @@ -1,7 +0,0 @@ -%CopyrightBegin% - -SPDX-License-Identifier: Apache-2.0 - -Copyright Ericsson AB 2026. All Rights Reserved. - -%CopyrightEnd% diff --git a/vex/otp-28.openvex.json b/vex/otp-28.openvex.json deleted file mode 100644 index a5f9e4bf3755..000000000000 --- a/vex/otp-28.openvex.json +++ /dev/null @@ -1,3155 +0,0 @@ -{ - "@context": "https://openvex.dev/ns/v0.2.0", - "@id": "https://erlang.org/download/vex/otp-28.openvex.json", - "author": "vexctl", - "timestamp": "2025-11-28T16:37:17.252127+01:00", - "last_updated": "2026-06-03T14:23:09.953518681Z", - "version": 84, - "statements": [ - { - "vulnerability": { - "name": "CVE-2025-9232" - }, - "timestamp": "2025-11-28T16:37:19.152493952+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@636dfadc70ce26f2473870570bfd9ec352806b1d" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-9231" - }, - "timestamp": "2025-11-28T16:37:19.174339053+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@636dfadc70ce26f2473870570bfd9ec352806b1d" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-9230" - }, - "timestamp": "2025-11-28T16:37:19.200378602+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@636dfadc70ce26f2473870570bfd9ec352806b1d" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2016-2183" - }, - "timestamp": "2025-11-28T16:37:19.228586723+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2016-2183" - }, - "timestamp": "2025-11-28T16:37:19.257327952+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@636dfadc70ce26f2473870570bfd9ec352806b1d" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-58249" - }, - "timestamp": "2025-11-28T16:37:19.282985088+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:otp/wx@2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/wx@2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/wx@2.5.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-58249" - }, - "timestamp": "2025-11-28T16:37:19.308451813+01:00", - "products": [ - { - "@id": "pkg:github/wxWidgets/wxWidgets@dc585039bbd426829e3433002023a93f9bedd0c2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-58050" - }, - "timestamp": "2025-11-28T16:37:19.334486527+01:00", - "products": [ - { - "@id": "pkg:github/PCRE2Project/pcre2@2dce7761b1831fd3f82a9c2bd5476259d945da4d" - } - ], - "status": "under_investigation" - }, - { - "vulnerability": { - "name": "CVE-2025-4575" - }, - "timestamp": "2025-11-28T16:37:19.365268547+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-4575" - }, - "timestamp": "2025-11-28T16:37:19.392434763+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-45853" - }, - "timestamp": "2025-11-28T16:37:19.418955628+01:00", - "products": [ - { - "@id": "pkg:github/madler/zlib@1a8db63788c34a50e39e273d39b7e1033208aea2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "OSV-2025-300" - }, - "timestamp": "2025-11-28T16:37:19.444832526+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erts@16.1.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "OSV-2025-300" - }, - "timestamp": "2025-11-28T16:37:19.46934775+01:00", - "products": [ - { - "@id": "pkg:github/PCRE2Project/pcre2@2dce7761b1831fd3f82a9c2bd5476259d945da4d" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-4748" - }, - "timestamp": "2025-11-28T16:37:19.495731605+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:otp/stdlib@7.0" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/stdlib@7.0.1", - "action_statement_timestamp": "2025-11-28T16:37:19.495731605+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-4748" - }, - "timestamp": "2025-11-28T16:37:19.521691379+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:otp/stdlib@7.0.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-48038" - }, - "timestamp": "2025-11-28T16:37:19.548094389+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:otp/ssh@5.3" - }, - { - "@id": "pkg:otp/ssh@5.3.1" - }, - { - "@id": "pkg:otp/ssh@5.3.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.3.3", - "action_statement_timestamp": "2025-11-28T16:37:19.548094389+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48038" - }, - "timestamp": "2025-11-28T16:37:19.573033851+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:otp/ssh@5.3.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-48039" - }, - "timestamp": "2025-11-28T16:37:19.598036441+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:otp/ssh@5.3" - }, - { - "@id": "pkg:otp/ssh@5.3.1" - }, - { - "@id": "pkg:otp/ssh@5.3.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.3.3", - "action_statement_timestamp": "2025-11-28T16:37:19.598036441+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48039" - }, - "timestamp": "2025-11-28T16:37:19.623406739+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:otp/ssh@5.3.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-48040" - }, - "timestamp": "2025-11-28T16:37:19.650291101+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:otp/ssh@5.3" - }, - { - "@id": "pkg:otp/ssh@5.3.1" - }, - { - "@id": "pkg:otp/ssh@5.3.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.3.3", - "action_statement_timestamp": "2025-11-28T16:37:19.650291101+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48040" - }, - "timestamp": "2025-11-28T16:37:19.677048743+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:otp/ssh@5.3.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2016-1000107" - }, - "timestamp": "2025-11-28T16:37:19.702250279+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:otp/inets@9.4" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/inets@9.4.1", - "action_statement_timestamp": "2025-11-28T16:37:19.702250279+01:00" - }, - { - "vulnerability": { - "name": "CVE-2016-1000107" - }, - "timestamp": "2025-11-28T16:37:19.730526163+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/inets@9.4.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-48041" - }, - "timestamp": "2025-11-28T16:37:19.756312677+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:otp/ssh@5.3" - }, - { - "@id": "pkg:otp/ssh@5.3.1" - }, - { - "@id": "pkg:otp/ssh@5.3.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.3.3", - "action_statement_timestamp": "2025-11-28T16:37:19.756312677+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-48041" - }, - "timestamp": "2025-11-28T16:37:19.781646157+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:otp/ssh@5.3.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2025-58050" - }, - "timestamp": "2025-11-28T16:37:19.807315814+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/erts@16.0.3", - "action_statement_timestamp": "2025-11-28T16:37:19.807315814+01:00" - }, - { - "vulnerability": { - "name": "CVE-2025-58050" - }, - "timestamp": "2025-11-28T16:37:19.835504203+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:otp/erts@16.0.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-22184" - }, - "timestamp": "2026-01-19T12:49:27.075367812+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-22184" - }, - "timestamp": "2026-01-19T12:49:27.092284597+01:00", - "products": [ - { - "@id": "pkg:github/madler/zlib@1a8db63788c34a50e39e273d39b7e1033208aea2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-22796" - }, - "timestamp": "2026-02-02T08:56:25.222059646+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-22796" - }, - "timestamp": "2026-02-02T08:56:25.244491504+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-22795" - }, - "timestamp": "2026-02-02T08:56:25.262256566+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-22795" - }, - "timestamp": "2026-02-02T08:56:25.280169868+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69421" - }, - "timestamp": "2026-02-02T08:56:25.301770605+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69421" - }, - "timestamp": "2026-02-02T08:56:25.318684914+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69420" - }, - "timestamp": "2026-02-02T08:56:25.337854073+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69420" - }, - "timestamp": "2026-02-02T08:56:25.356207682+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69419" - }, - "timestamp": "2026-02-02T08:56:25.372416689+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69419" - }, - "timestamp": "2026-02-02T08:56:25.388853226+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69418" - }, - "timestamp": "2026-02-02T08:56:25.404195404+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69418" - }, - "timestamp": "2026-02-02T08:56:25.42102728+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-68160" - }, - "timestamp": "2026-02-02T08:56:25.437557614+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-68160" - }, - "timestamp": "2026-02-02T08:56:25.454439816+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-66199" - }, - "timestamp": "2026-02-02T08:56:25.470721361+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-66199" - }, - "timestamp": "2026-02-02T08:56:25.487083602+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-15469" - }, - "timestamp": "2026-02-02T08:56:25.505630005+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-15469" - }, - "timestamp": "2026-02-02T08:56:25.521155627+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-15468" - }, - "timestamp": "2026-02-02T08:56:25.538401793+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-15468" - }, - "timestamp": "2026-02-02T08:56:25.554070469+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-15467" - }, - "timestamp": "2026-02-02T08:56:25.57102249+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-15467" - }, - "timestamp": "2026-02-02T08:56:25.586563529+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-11187" - }, - "timestamp": "2026-02-02T08:56:25.603727675+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-11187" - }, - "timestamp": "2026-02-02T08:56:25.621452352+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-21620" - }, - "timestamp": "2026-02-21T01:36:57.6971207Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/tftp@1.2.3" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/tftp@1.2.4", - "action_statement_timestamp": "2026-02-21T01:36:57.6971207Z" - }, - { - "vulnerability": { - "name": "CVE-2026-21620" - }, - "timestamp": "2026-02-21T01:36:57.715698031Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:otp/tftp@1.2.4" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-27171" - }, - "timestamp": "2026-02-24T14:43:11.788346539+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:otp/erts@16.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:otp/erts@16.2.1" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2026-27171" - }, - "timestamp": "2026-02-24T14:43:11.806368454+01:00", - "products": [ - { - "@id": "pkg:github/madler/zlib@1a8db63788c34a50e39e273d39b7e1033208aea2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2024-58249" - }, - "timestamp": "2026-02-25T10:56:56.768237224+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:otp/wx@2.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/wx@2.5.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/wx@2.5.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:otp/wx@2.5.3" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2024-58249" - }, - "timestamp": "2026-02-25T10:56:56.784036415+01:00", - "products": [ - { - "@id": "pkg:github//KhronosGroup/OpenGL-Refpages@dc585039bbd426829e3433002023a93f9bedd0c2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-23941" - }, - "timestamp": "2026-03-14T01:37:42.338748145Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:otp/inets@9.4" - }, - { - "@id": "pkg:otp/inets@9.4.1" - }, - { - "@id": "pkg:otp/inets@9.4.2" - }, - { - "@id": "pkg:otp/inets@9.5" - }, - { - "@id": "pkg:otp/inets@9.6" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/inets@9.6.1", - "action_statement_timestamp": "2026-03-14T01:37:42.338748145Z" - }, - { - "vulnerability": { - "name": "CVE-2026-23941" - }, - "timestamp": "2026-03-14T01:37:42.356793156Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:otp/inets@9.6.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-23943" - }, - "timestamp": "2026-03-14T01:37:42.374962311Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:otp/ssh@5.3" - }, - { - "@id": "pkg:otp/ssh@5.3.1" - }, - { - "@id": "pkg:otp/ssh@5.3.2" - }, - { - "@id": "pkg:otp/ssh@5.3.3" - }, - { - "@id": "pkg:otp/ssh@5.3.4" - }, - { - "@id": "pkg:otp/ssh@5.4" - }, - { - "@id": "pkg:otp/ssh@5.4.1" - }, - { - "@id": "pkg:otp/ssh@5.5" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.5.1", - "action_statement_timestamp": "2026-03-14T01:37:42.374962311Z" - }, - { - "vulnerability": { - "name": "CVE-2026-23943" - }, - "timestamp": "2026-03-14T01:37:42.393463345Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:otp/ssh@5.5.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-23942" - }, - "timestamp": "2026-03-14T01:37:42.412608957Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:otp/ssh@5.3" - }, - { - "@id": "pkg:otp/ssh@5.3.1" - }, - { - "@id": "pkg:otp/ssh@5.3.2" - }, - { - "@id": "pkg:otp/ssh@5.3.3" - }, - { - "@id": "pkg:otp/ssh@5.3.4" - }, - { - "@id": "pkg:otp/ssh@5.4" - }, - { - "@id": "pkg:otp/ssh@5.4.1" - }, - { - "@id": "pkg:otp/ssh@5.5" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.5.1", - "action_statement_timestamp": "2026-03-14T01:37:42.412608957Z" - }, - { - "vulnerability": { - "name": "CVE-2026-23942" - }, - "timestamp": "2026-03-14T01:37:42.431214832Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:otp/ssh@5.5.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-2673" - }, - "timestamp": "2026-03-16T15:23:15.755518368+01:00", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:otp/erl_interface@5.6" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:otp/erl_interface@5.6.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:otp/erl_interface@5.6.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:otp/erl_interface@5.6.4" - }, - { - "@id": "pkg:otp/erts@16.0" - }, - { - "@id": "pkg:otp/erts@16.0.1" - }, - { - "@id": "pkg:otp/erts@16.0.2" - }, - { - "@id": "pkg:otp/erts@16.0.3" - }, - { - "@id": "pkg:otp/erts@16.1" - }, - { - "@id": "pkg:otp/erts@16.1.1" - }, - { - "@id": "pkg:otp/erts@16.1.2" - }, - { - "@id": "pkg:otp/erts@16.2" - }, - { - "@id": "pkg:otp/erts@16.2.1" - }, - { - "@id": "pkg:otp/erts@16.2.2" - }, - { - "@id": "pkg:otp/erts@16.3" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-2673" - }, - "timestamp": "2026-03-16T15:23:15.773307411+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@c9a9e5b10105ad850b6e4d1122c645c67767c341" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-32144" - }, - "timestamp": "2026-04-08T01:38:49.387530783Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:otp/ssl@11.3" - }, - { - "@id": "pkg:otp/ssl@11.3.1" - }, - { - "@id": "pkg:otp/ssl@11.3.2" - }, - { - "@id": "pkg:otp/ssl@11.4" - }, - { - "@id": "pkg:otp/ssl@11.4.1" - }, - { - "@id": "pkg:otp/ssl@11.4.2" - }, - { - "@id": "pkg:otp/ssl@11.5" - }, - { - "@id": "pkg:otp/ssl@11.5.1" - }, - { - "@id": "pkg:otp/ssl@11.5.2" - }, - { - "@id": "pkg:otp/ssl@11.5.3" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssl@11.5.4", - "action_statement_timestamp": "2026-04-08T01:38:49.387530783Z" - }, - { - "vulnerability": { - "name": "CVE-2026-32144" - }, - "timestamp": "2026-04-08T01:38:49.405228769Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.4.2" - }, - { - "@id": "pkg:otp/ssl@11.5.4" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-32144" - }, - "timestamp": "2026-04-08T01:38:49.42283683Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:otp/public_key@1.18" - }, - { - "@id": "pkg:otp/public_key@1.18.1" - }, - { - "@id": "pkg:otp/public_key@1.18.2" - }, - { - "@id": "pkg:otp/public_key@1.18.3" - }, - { - "@id": "pkg:otp/public_key@1.19" - }, - { - "@id": "pkg:otp/public_key@1.20" - }, - { - "@id": "pkg:otp/public_key@1.20.1" - }, - { - "@id": "pkg:otp/public_key@1.20.2" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.20.3", - "action_statement_timestamp": "2026-04-08T01:38:49.42283683Z" - }, - { - "vulnerability": { - "name": "CVE-2026-32144" - }, - "timestamp": "2026-04-08T01:38:49.440206806Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.4.2" - }, - { - "@id": "pkg:otp/public_key@1.20.3" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-28808" - }, - "timestamp": "2026-04-08T01:38:49.458627691Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:otp/inets@9.4" - }, - { - "@id": "pkg:otp/inets@9.4.1" - }, - { - "@id": "pkg:otp/inets@9.4.2" - }, - { - "@id": "pkg:otp/inets@9.5" - }, - { - "@id": "pkg:otp/inets@9.6" - }, - { - "@id": "pkg:otp/inets@9.6.1" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/inets@9.6.2", - "action_statement_timestamp": "2026-04-08T01:38:49.458627691Z" - }, - { - "vulnerability": { - "name": "CVE-2026-28808" - }, - "timestamp": "2026-04-08T01:38:49.476563512Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.4.2" - }, - { - "@id": "pkg:otp/inets@9.6.2" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-28810" - }, - "timestamp": "2026-04-08T01:38:49.493838841Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:otp/kernel@10.3" - }, - { - "@id": "pkg:otp/kernel@10.3.1" - }, - { - "@id": "pkg:otp/kernel@10.3.2" - }, - { - "@id": "pkg:otp/kernel@10.4" - }, - { - "@id": "pkg:otp/kernel@10.4.1" - }, - { - "@id": "pkg:otp/kernel@10.4.2" - }, - { - "@id": "pkg:otp/kernel@10.5" - }, - { - "@id": "pkg:otp/kernel@10.6" - }, - { - "@id": "pkg:otp/kernel@10.6.1" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/kernel@10.6.2", - "action_statement_timestamp": "2026-04-08T01:38:49.493838841Z" - }, - { - "vulnerability": { - "name": "CVE-2026-28810" - }, - "timestamp": "2026-04-08T01:38:49.511984596Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.4.2" - }, - { - "@id": "pkg:otp/kernel@10.6.2" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-42790" - }, - "timestamp": "2026-06-03T14:23:09.821352028Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.5" - }, - { - "@id": "pkg:otp/public_key@1.18" - }, - { - "@id": "pkg:otp/public_key@1.18.1" - }, - { - "@id": "pkg:otp/public_key@1.18.2" - }, - { - "@id": "pkg:otp/public_key@1.18.3" - }, - { - "@id": "pkg:otp/public_key@1.19" - }, - { - "@id": "pkg:otp/public_key@1.20" - }, - { - "@id": "pkg:otp/public_key@1.20.1" - }, - { - "@id": "pkg:otp/public_key@1.20.2" - }, - { - "@id": "pkg:otp/public_key@1.20.3" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.20.3.1", - "action_statement_timestamp": "2026-06-03T14:23:09.821352028Z" - }, - { - "vulnerability": { - "name": "CVE-2026-42790" - }, - "timestamp": "2026-06-03T14:23:09.839236096Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.5.0.1" - }, - { - "@id": "pkg:otp/public_key@1.20.3.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-42789" - }, - "timestamp": "2026-06-03T14:23:09.858586551Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.5" - }, - { - "@id": "pkg:otp/public_key@1.18" - }, - { - "@id": "pkg:otp/public_key@1.18.1" - }, - { - "@id": "pkg:otp/public_key@1.18.2" - }, - { - "@id": "pkg:otp/public_key@1.18.3" - }, - { - "@id": "pkg:otp/public_key@1.19" - }, - { - "@id": "pkg:otp/public_key@1.20" - }, - { - "@id": "pkg:otp/public_key@1.20.1" - }, - { - "@id": "pkg:otp/public_key@1.20.2" - }, - { - "@id": "pkg:otp/public_key@1.20.3" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.20.3.1", - "action_statement_timestamp": "2026-06-03T14:23:09.858586551Z" - }, - { - "vulnerability": { - "name": "CVE-2026-42789" - }, - "timestamp": "2026-06-03T14:23:09.877533262Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.5.0.1" - }, - { - "@id": "pkg:otp/public_key@1.20.3.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-42791" - }, - "timestamp": "2026-06-03T14:23:09.896942115Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.5" - }, - { - "@id": "pkg:otp/public_key@1.18" - }, - { - "@id": "pkg:otp/public_key@1.18.1" - }, - { - "@id": "pkg:otp/public_key@1.18.2" - }, - { - "@id": "pkg:otp/public_key@1.18.3" - }, - { - "@id": "pkg:otp/public_key@1.19" - }, - { - "@id": "pkg:otp/public_key@1.20" - }, - { - "@id": "pkg:otp/public_key@1.20.1" - }, - { - "@id": "pkg:otp/public_key@1.20.2" - }, - { - "@id": "pkg:otp/public_key@1.20.3" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.20.3.1", - "action_statement_timestamp": "2026-06-03T14:23:09.896942115Z" - }, - { - "vulnerability": { - "name": "CVE-2026-42791" - }, - "timestamp": "2026-06-03T14:23:09.916215035Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.5.0.1" - }, - { - "@id": "pkg:otp/public_key@1.20.3.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-32147" - }, - "timestamp": "2026-06-03T14:23:09.935414952Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.0" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.0.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.1.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.2" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.3.3" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.2" - }, - { - "@id": "pkg:otp/ssh@5.3" - }, - { - "@id": "pkg:otp/ssh@5.3.1" - }, - { - "@id": "pkg:otp/ssh@5.3.2" - }, - { - "@id": "pkg:otp/ssh@5.3.3" - }, - { - "@id": "pkg:otp/ssh@5.3.4" - }, - { - "@id": "pkg:otp/ssh@5.4" - }, - { - "@id": "pkg:otp/ssh@5.4.1" - }, - { - "@id": "pkg:otp/ssh@5.5" - }, - { - "@id": "pkg:otp/ssh@5.5.1" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/ssh@5.5.2", - "action_statement_timestamp": "2026-06-03T14:23:09.935414952Z" - }, - { - "vulnerability": { - "name": "CVE-2026-32147" - }, - "timestamp": "2026-06-03T14:23:09.953519573Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-28.5.0.1" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.5" - }, - { - "@id": "pkg:github/erlang/otp@OTP-28.4.3" - }, - { - "@id": "pkg:otp/ssh@5.5.2" - } - ], - "status": "fixed" - } - ] -} diff --git a/vex/otp-28.openvex.json.license b/vex/otp-28.openvex.json.license deleted file mode 100644 index 1ea854fee3f9..000000000000 --- a/vex/otp-28.openvex.json.license +++ /dev/null @@ -1,7 +0,0 @@ -%CopyrightBegin% - -SPDX-License-Identifier: Apache-2.0 - -Copyright Ericsson AB 2025. All Rights Reserved. - -%CopyrightEnd% diff --git a/vex/otp-28.openvex.json.sigstore b/vex/otp-28.openvex.json.sigstore deleted file mode 100644 index 0ba3d064a30e..000000000000 --- a/vex/otp-28.openvex.json.sigstore +++ /dev/null @@ -1 +0,0 @@ -{"mediaType":"application/vnd.dev.sigstore.bundle.v0.3+json","verificationMaterial":{"certificate":{"rawBytes":"MIIG9zCCBn2gAwIBAgIUG4zAoFm58meDXEW0d2XhJGtoPpcwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjYwNjAzMTQyNDE2WhcNMjYwNjAzMTQzNDE2WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcCI0xFGE2ZR6F4nZcbWRF0v/hUiHS17lgx4wekr8Aggej7+1kEOzclN/A8Ftm+uTf3Wg2JO8tmHLOqxNqIOA7KOCBZwwggWYMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUCMe2ix0as1jmw1Rrua7F9M1OcRMwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8waAYDVR0RAQH/BF4wXIZaaHR0cHM6Ly9naXRodWIuY29tL2VybGFuZy9vdHAvLmdpdGh1Yi93b3JrZmxvd3Mvc2lnc3RvcmUtdXBkYXRlci55bWxAcmVmcy9wdWxsLzExMTkxL21lcmdlMDkGCisGAQQBg78wAQEEK2h0dHBzOi8vdG9rZW4uYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wGgYKKwYBBAGDvzABAgQMcHVsbF9yZXF1ZXN0MDYGCisGAQQBg78wAQMEKGVjZWU1NzI0M2Y0ODYyNjgxMWYzZDhiYWM3YmY4YzRlNWVlNmRiNDMwIwYKKwYBBAGDvzABBAQVVXBkYXRlIFNpZ3N0b3JlIEZpbGVzMBgGCisGAQQBg78wAQUECmVybGFuZy9vdHAwIwYKKwYBBAGDvzABBgQVcmVmcy9wdWxsLzExMTkxL21lcmdlMDsGCisGAQQBg78wAQgELQwraHR0cHM6Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50LmNvbTBqBgorBgEEAYO/MAEJBFwMWmh0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwLy5naXRodWIvd29ya2Zsb3dzL3NpZ3N0b3JlLXVwZGF0ZXIueW1sQHJlZnMvcHVsbC8xMTE5MS9tZXJnZTA4BgorBgEEAYO/MAEKBCoMKGVjZWU1NzI0M2Y0ODYyNjgxMWYzZDhiYWM3YmY4YzRlNWVlNmRiNDMwHQYKKwYBBAGDvzABCwQPDA1naXRodWItaG9zdGVkMC0GCisGAQQBg78wAQwEHwwdaHR0cHM6Ly9naXRodWIuY29tL2VybGFuZy9vdHAwOAYKKwYBBAGDvzABDQQqDChlY2VlNTcyNDNmNDg2MjY4MTFmM2Q4YmFjN2JmOGM0ZTVlZTZkYjQzMCUGCisGAQQBg78wAQ4EFwwVcmVmcy9wdWxsLzExMTkxL21lcmdlMBYGCisGAQQBg78wAQ8ECAwGMzc0OTI3MCkGCisGAQQBg78wARAEGwwZaHR0cHM6Ly9naXRodWIuY29tL2VybGFuZzAWBgorBgEEAYO/MAERBAgMBjE1MzM5MzBqBgorBgEEAYO/MAESBFwMWmh0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwLy5naXRodWIvd29ya2Zsb3dzL3NpZ3N0b3JlLXVwZGF0ZXIueW1sQHJlZnMvcHVsbC8xMTE5MS9tZXJnZTA4BgorBgEEAYO/MAETBCoMKGVjZWU1NzI0M2Y0ODYyNjgxMWYzZDhiYWM3YmY4YzRlNWVlNmRiNDMwHAYKKwYBBAGDvzABFAQODAxwdWxsX3JlcXVlc3QwUQYKKwYBBAGDvzABFQRDDEFodHRwczovL2dpdGh1Yi5jb20vZXJsYW5nL290cC9hY3Rpb25zL3J1bnMvMjY4OTExNTk1MTYvYXR0ZW1wdHMvMTAWBgorBgEEAYO/MAEWBAgMBnB1YmxpYzAsBgorBgEEAYO/MAEYBB4MHHJlcG86ZXJsYW5nL290cDpwdWxsX3JlcXVlc3QwgYkGCisGAQQB1nkCBAIEewR5AHcAdQDdPTBqxscRMmMZHhyZZzcCokpeuN48rf+HinKALynujgAAAZ6N3udLAAAEAwBGMEQCIHJKE3DAJnl8wByrvIWGcmdkB2ZMdGS3FU0oP/qWD7U5AiBw41nKQAfN33IH3fN3ABvgZbq3C6QzZI5xXh3kJdzqkTAKBggqhkjOPQQDAwNoADBlAjEA7PI/Au8n9De8f7B4M/6mWP7K7E5m16LaS2Wq3t6DAvyVRoUFL3e8v7Hu8q/LJwnGAjA7I/8BE2O1TmR+VQWNh7ajDWT3yvfAARav0d6AK9JX9bisrgsWcQ5z2ueZyf+MGKc="},"tlogEntries":[{"logIndex":"1710277081","logId":{"keyId":"wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="},"kindVersion":{"kind":"dsse","version":"0.0.1"},"integratedTime":"1780496656","inclusionPromise":{"signedEntryTimestamp":"MEYCIQD79YgopD6JzLIidRYsV75bq1rMc2dS9FtN3lfSzPERbwIhAN4wq/xL5/ixJtPhLV43jDa3FxsjqmFFIJwrucb7jMKp"},"inclusionProof":{"logIndex":"1588372819","rootHash":"20TIzgjsxgS8aGDmzJL+zph1VY2bqrWbkQ9coS/yaoc=","treeSize":"1588372828","hashes":["iF2rE088N9KQRrq026IMEgGQHRTud+FNpZyv+J1XgQY=","iEReAFBBsYMfOiqrKLbbdzFBsVOCUjaOw4Ad7JHn0p0=","lXhXGDly5dWd1GDK1zWcMovPxeLsJiNx5hdwDPyRB1g=","axA9VnGlrggdWvqG6zJl+P7+DvXuEDoamoU6nsRxDn8=","pM0GncDQusDxZ40sD17D6h03NfyU3p8do0W5wl+j1oM=","r/AdB81Uj6TGbOXButx6Rs1fqJTifs6uyKgWOgco33Q=","J4xJALDVXMCEZ0/2LaSgwfEM2ragaacMgM80mGwWw/k=","BTohSxWFbLad+xniUwFYTkgEPzpD0sGtgONtSzFOyf0=","vX2O3QNhq34qiBOmXYK03F0QE/0c7Z+eNB3GeQl1YEE=","VhYrv8/yc+MbvPNDU0BS08mfIgcWTdnTHcEZ22mctno=","cNFZMDy1QCvSMhnHQtNIPvnqyNW4t7K9rJtLqwbhWLc=","yAsIiHvLiBOMyoqUseT0lWqlj+t22Gd7GYy0fAFDEPc=","5aNRn+UCc6rfNpt2yb0IDfEWXUURb2UdNqGHuAe0Kuk=","/H9g3cQS0WMzt1xN6KYtWYBC93b9C+BulyABJ6kzvew=","NSkfjqosjcbjuITRR3k++3CKLDql/hao4MUycvdrMXc=","hn+ppu7vwlSCi7W1L5Z750bpAdr+WUAJLSUnb8qLy3k=","r5nn9+mbgUQL4m8neTg/XjYkdf2hD/cvZMsNR/v0cBU=","eT+F471g2HJfd43U4j4L1PIBkt4rLbHQd/pOR/rllO0=","DOCeoSMovIvLExkhIvisow9AuNXgeWs4ECkyR6EcqYU="],"checkpoint":{"envelope":"rekor.sigstore.dev - 1193050959916656506\n1588372828\n20TIzgjsxgS8aGDmzJL+zph1VY2bqrWbkQ9coS/yaoc=\n\nā€” rekor.sigstore.dev wNI9ajBEAiBGGwHdOjFsGk5omhgZpeRco8ySnmR/DuJcwSWzITe1bwIgCQmuL2eZ+a768Y52DGIaT/WWiPbMxgPtbJDDcKSZFZQ=\n"}},"canonicalizedBody":"eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiZHNzZSIsInNwZWMiOnsiZW52ZWxvcGVIYXNoIjp7ImFsZ29yaXRobSI6InNoYTI1NiIsInZhbHVlIjoiYTg1MzA5MmZlYTYxZWI0NmQ1ZTg4OWI4NDYyZmQyZTkxODljYjBjMWMwNjdhZTU4Y2Y3N2MwYWZmYzQ4YmQ1MSJ9LCJwYXlsb2FkSGFzaCI6eyJhbGdvcml0aG0iOiJzaGEyNTYiLCJ2YWx1ZSI6ImE2OTMxNTdhZGMzZDg1MDk4YmMwNmM1ZGQ2NWIyYTc3MDg2MjliYzg3ODhkMDI0NDUxOWQ3NTk3YjNhZDZhMDQifSwic2lnbmF0dXJlcyI6W3sic2lnbmF0dXJlIjoiTUVRQ0lDRjU0cGRMYkFDaXNlZUZsVzBscGJWUjRGTnZicXVSWERRWHYvMlN6MUsxQWlCc1gwTTU1a0lhWUlmVXZ3USsxWFM4SmhWT3ZmYmxkM24wVW5wU0I5U1pCUT09IiwidmVyaWZpZXIiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VjNWVrTkRRbTR5WjBGM1NVSkJaMGxWUnpSNlFXOUdiVFU0YldWRVdFVlhNR1F5V0doS1IzUnZVSEJqZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwWmQwNXFRWHBOVkZGNVRrUkZNbGRvWTA1TmFsbDNUbXBCZWsxVVVYcE9SRVV5VjJwQlFVMUdhM2RGZDFsSUNrdHZXa2w2YWpCRFFWRlpTVXR2V2tsNmFqQkVRVkZqUkZGblFVVmpRMGt3ZUVaSFJUSmFValpHTkc1YVkySlhVa1l3ZGk5b1ZXbElVekUzYkdkNE5IY0taV3R5T0VGbloyVnFOeXN4YTBWUGVtTnNUaTlCT0VaMGJTdDFWR1l6VjJjeVNrODRkRzFJVEU5eGVFNXhTVTlCTjB0UFEwSmFkM2RuWjFkWlRVRTBSd3BCTVZWa1JIZEZRaTkzVVVWQmQwbElaMFJCVkVKblRsWklVMVZGUkVSQlMwSm5aM0pDWjBWR1FsRmpSRUY2UVdSQ1owNVdTRkUwUlVablVWVkRUV1V5Q21sNE1HRnpNV3B0ZHpGU2NuVmhOMFk1VFRGUFkxSk5kMGgzV1VSV1VqQnFRa0puZDBadlFWVXpPVkJ3ZWpGWmEwVmFZalZ4VG1wd1MwWlhhWGhwTkZrS1drUTRkMkZCV1VSV1VqQlNRVkZJTDBKR05IZFlTVnBoWVVoU01HTklUVFpNZVRsdVlWaFNiMlJYU1hWWk1qbDBUREpXZVdKSFJuVmFlVGwyWkVoQmRncE1iV1J3WkVkb01WbHBPVE5pTTBweVdtMTRkbVF6VFhaak1teHVZek5TZG1OdFZYUmtXRUpyV1ZoU2JHTnBOVFZpVjNoQlkyMVdiV041T1hka1YzaHpDa3g2UlhoTlZHdDRUREl4YkdOdFpHeE5SR3RIUTJselIwRlJVVUpuTnpoM1FWRkZSVXN5YURCa1NFSjZUMms0ZG1SSE9YSmFWelIxV1ZkT01HRlhPWFVLWTNrMWJtRllVbTlrVjBveFl6SldlVmt5T1hWa1IxWjFaRU0xYW1JeU1IZEhaMWxMUzNkWlFrSkJSMFIyZWtGQ1FXZFJUV05JVm5OaVJqbDVXbGhHTVFwYVdFNHdUVVJaUjBOcGMwZEJVVkZDWnpjNGQwRlJUVVZMUjFacVdsZFZNVTU2U1RCTk1sa3dUMFJaZVU1cVozaE5WMWw2V2tSb2FWbFhUVE5aYlZrMENsbDZVbXhPVjFac1RtMVNhVTVFVFhkSmQxbExTM2RaUWtKQlIwUjJla0ZDUWtGUlZsWllRbXRaV0ZKc1NVWk9jRm96VGpCaU0wcHNTVVZhY0dKSFZub0tUVUpuUjBOcGMwZEJVVkZDWnpjNGQwRlJWVVZEYlZaNVlrZEdkVnA1T1haa1NFRjNTWGRaUzB0M1dVSkNRVWRFZG5wQlFrSm5VVlpqYlZadFkzazVkd3BrVjNoelRIcEZlRTFVYTNoTU1qRnNZMjFrYkUxRWMwZERhWE5IUVZGUlFtYzNPSGRCVVdkRlRGRjNjbUZJVWpCalNFMDJUSGs1TUdJeWRHeGlhVFZvQ2xrelVuQmlNalY2VEcxa2NHUkhhREZaYmxaNldsaEthbUl5TlRCYVZ6VXdURzFPZG1KVVFuRkNaMjl5UW1kRlJVRlpUeTlOUVVWS1FrWjNUVmR0YURBS1pFaENlazlwT0haYU1td3dZVWhXYVV4dFRuWmlVemxzWTIxNGFHSnRZM1ppTTFKM1RIazFibUZZVW05a1YwbDJaREk1ZVdFeVduTmlNMlI2VEROT2NBcGFNMDR3WWpOS2JFeFlWbmRhUjBZd1dsaEpkV1ZYTVhOUlNFcHNXbTVOZG1OSVZuTmlRemg0VFZSRk5VMVRPWFJhV0VwdVdsUkJORUpuYjNKQ1owVkZDa0ZaVHk5TlFVVkxRa052VFV0SFZtcGFWMVV4VG5wSk1FMHlXVEJQUkZsNVRtcG5lRTFYV1hwYVJHaHBXVmROTTFsdFdUUlplbEpzVGxkV2JFNXRVbWtLVGtSTmQwaFJXVXRMZDFsQ1FrRkhSSFo2UVVKRGQxRlFSRUV4Ym1GWVVtOWtWMGwwWVVjNWVtUkhWbXROUXpCSFEybHpSMEZSVVVKbk56aDNRVkYzUlFwSWQzZGtZVWhTTUdOSVRUWk1lVGx1WVZoU2IyUlhTWFZaTWpsMFRESldlV0pIUm5WYWVUbDJaRWhCZDA5QldVdExkMWxDUWtGSFJIWjZRVUpFVVZGeENrUkRhR3haTWxac1RsUmplVTVFVG0xT1JHY3lUV3BaTkUxVVJtMU5NbEUwV1cxR2FrNHlTbTFQUjAwd1dsUldiRnBVV210WmFsRjZUVU5WUjBOcGMwY0tRVkZSUW1jM09IZEJVVFJGUm5kM1ZtTnRWbTFqZVRsM1pGZDRjMHg2UlhoTlZHdDRUREl4YkdOdFpHeE5RbGxIUTJselIwRlJVVUpuTnpoM1FWRTRSUXBEUVhkSFRYcGpNRTlVU1ROTlEydEhRMmx6UjBGUlVVSm5OemgzUVZKQlJVZDNkMXBoU0ZJd1kwaE5Oa3g1T1c1aFdGSnZaRmRKZFZreU9YUk1NbFo1Q21KSFJuVmFla0ZYUW1kdmNrSm5SVVZCV1U4dlRVRkZVa0pCWjAxQ2FrVXhUWHBOTlUxNlFuRkNaMjl5UW1kRlJVRlpUeTlOUVVWVFFrWjNUVmR0YURBS1pFaENlazlwT0haYU1td3dZVWhXYVV4dFRuWmlVemxzWTIxNGFHSnRZM1ppTTFKM1RIazFibUZZVW05a1YwbDJaREk1ZVdFeVduTmlNMlI2VEROT2NBcGFNMDR3WWpOS2JFeFlWbmRhUjBZd1dsaEpkV1ZYTVhOUlNFcHNXbTVOZG1OSVZuTmlRemg0VFZSRk5VMVRPWFJhV0VwdVdsUkJORUpuYjNKQ1owVkZDa0ZaVHk5TlFVVlVRa052VFV0SFZtcGFWMVV4VG5wSk1FMHlXVEJQUkZsNVRtcG5lRTFYV1hwYVJHaHBXVmROTTFsdFdUUlplbEpzVGxkV2JFNXRVbWtLVGtSTmQwaEJXVXRMZDFsQ1FrRkhSSFo2UVVKR1FWRlBSRUY0ZDJSWGVITllNMHBzWTFoV2JHTXpVWGRWVVZsTFMzZFpRa0pCUjBSMmVrRkNSbEZTUkFwRVJVWnZaRWhTZDJONmIzWk1NbVJ3WkVkb01WbHBOV3BpTWpCMldsaEtjMWxYTlc1TU1qa3dZME01YUZrelVuQmlNalY2VEROS01XSnVUWFpOYWxrMENrOVVSWGhPVkdzeFRWUlpkbGxZVWpCYVZ6RjNaRWhOZGsxVVFWZENaMjl5UW1kRlJVRlpUeTlOUVVWWFFrRm5UVUp1UWpGWmJYaHdXWHBCYzBKbmIzSUtRbWRGUlVGWlR5OU5RVVZaUWtJMFRVaElTbXhqUnpnMldsaEtjMWxYTlc1TU1qa3dZMFJ3ZDJSWGVITllNMHBzWTFoV2JHTXpVWGRuV1d0SFEybHpSd3BCVVZGQ01XNXJRMEpCU1VWbGQxSTFRVWhqUVdSUlJHUlFWRUp4ZUhOalVrMXRUVnBJYUhsYVducGpRMjlyY0dWMVRqUTRjbVlyU0dsdVMwRk1lVzUxQ21wblFVRkJXalpPTTNWa1RFRkJRVVZCZDBKSFRVVlJRMGxJU2t0Rk0wUkJTbTVzT0hkQ2VYSjJTVmRIWTIxa2EwSXlXazFrUjFNelJsVXdiMUF2Y1ZjS1JEZFZOVUZwUW5jME1XNUxVVUZtVGpNelNVZ3paazR6UVVKMloxcGljVE5ETmxGNldrazFlRmhvTTJ0S1pIcHhhMVJCUzBKblozRm9hMnBQVUZGUlJBcEJkMDV2UVVSQ2JFRnFSVUUzVUVrdlFYVTRiamxFWlRobU4wSTBUUzgyYlZkUU4wczNSVFZ0TVRaTVlWTXlWM0V6ZERaRVFYWjVWbEp2VlVaTU0yVTRDblkzU0hVNGNTOU1TbmR1UjBGcVFUZEpMemhDUlRKUE1WUnRVaXRXVVZkT2FEZGhha1JYVkRONWRtWkJRVkpoZGpCa05rRkxPVXBZT1dKcGMzSm5jMWNLWTFFMWVqSjFaVnA1Wml0TlIwdGpQUW90TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09In1dfX0="}],"timestampVerificationData":{}},"dsseEnvelope":{"payload":"eyJfdHlwZSI6Imh0dHBzOi8vaW4tdG90by5pby9TdGF0ZW1lbnQvdjEiLCJzdWJqZWN0IjpbeyJuYW1lIjoib3RwLTI2Lm9wZW52ZXguanNvbiIsImRpZ2VzdCI6eyJzaGEyNTYiOiI5N2M1ZDBmOGNiMzU5OTYzMGEwZjU0NDQzYTRmNzU5NjlhMjFlOGQ4ZmI5OTRjZjM1Yzk0YmQyYzk3MDA5M2JhIn19LHsibmFtZSI6Im90cC0yNy5vcGVudmV4Lmpzb24iLCJkaWdlc3QiOnsic2hhMjU2IjoiZmEwMTQxM2FiZTk4NThkODk2YjIzMjAyNWViMDJlZDMwNGYyNzRhZTA4MTMyNGE1MTAzZWQ4ODlhOGI4MGE2NCJ9fSx7Im5hbWUiOiJvdHAtMjgub3BlbnZleC5qc29uIiwiZGlnZXN0Ijp7InNoYTI1NiI6ImNkMjZjYzU5Yzg3OTdhZmEyOWZhNzFkMGJhMjU4ZGRkMTEzYWMxM2I4NTY4ZGU1Y2EyNTc0MTY1NTg2ZjYyYTEifX0seyJuYW1lIjoib3RwLTI5Lm9wZW52ZXguanNvbiIsImRpZ2VzdCI6eyJzaGEyNTYiOiJmMDVkNjY3YzhjYzkxYjc4MzNlZGZlYmE0NjE5OTViYmU3NDI1NmUyYmYyNGZiMzI5NDFhMzIxNzQ0MzkwZGM5In19XSwicHJlZGljYXRlVHlwZSI6Imh0dHBzOi8vc2xzYS5kZXYvcHJvdmVuYW5jZS92MSIsInByZWRpY2F0ZSI6eyJidWlsZERlZmluaXRpb24iOnsiYnVpbGRUeXBlIjoiaHR0cHM6Ly9hY3Rpb25zLmdpdGh1Yi5pby9idWlsZHR5cGVzL3dvcmtmbG93L3YxIiwiZXh0ZXJuYWxQYXJhbWV0ZXJzIjp7IndvcmtmbG93Ijp7InJlZiI6InJlZnMvcHVsbC8xMTE5MS9tZXJnZSIsInJlcG9zaXRvcnkiOiJodHRwczovL2dpdGh1Yi5jb20vZXJsYW5nL290cCIsInBhdGgiOiIuZ2l0aHViL3dvcmtmbG93cy9zaWdzdG9yZS11cGRhdGVyLnltbCJ9fSwiaW50ZXJuYWxQYXJhbWV0ZXJzIjp7ImdpdGh1YiI6eyJldmVudF9uYW1lIjoicHVsbF9yZXF1ZXN0IiwicmVwb3NpdG9yeV9pZCI6IjM3NDkyNyIsInJlcG9zaXRvcnlfb3duZXJfaWQiOiIxNTMzOTMiLCJydW5uZXJfZW52aXJvbm1lbnQiOiJnaXRodWItaG9zdGVkIn19LCJyZXNvbHZlZERlcGVuZGVuY2llcyI6W3sidXJpIjoiZ2l0K2h0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwQHJlZnMvcHVsbC8xMTE5MS9tZXJnZSIsImRpZ2VzdCI6eyJnaXRDb21taXQiOiJlY2VlNTcyNDNmNDg2MjY4MTFmM2Q4YmFjN2JmOGM0ZTVlZTZkYjQzIn19XX0sInJ1bkRldGFpbHMiOnsiYnVpbGRlciI6eyJpZCI6Imh0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwLy5naXRodWIvd29ya2Zsb3dzL3NpZ3N0b3JlLXVwZGF0ZXIueW1sQHJlZnMvcHVsbC8xMTE5MS9tZXJnZSJ9LCJtZXRhZGF0YSI6eyJpbnZvY2F0aW9uSWQiOiJodHRwczovL2dpdGh1Yi5jb20vZXJsYW5nL290cC9hY3Rpb25zL3J1bnMvMjY4OTExNTk1MTYvYXR0ZW1wdHMvMSJ9fX19","payloadType":"application/vnd.in-toto+json","signatures":[{"sig":"MEQCICF54pdLbACiseeFlW0lpbVR4FNvbquRXDQXv/2Sz1K1AiBsX0M55kIaYIfUvwQ+1XS8JhVOvfbld3n0UnpSB9SZBQ=="}]}} diff --git a/vex/otp-28.openvex.json.sigstore.license b/vex/otp-28.openvex.json.sigstore.license deleted file mode 100644 index 36976e9b8949..000000000000 --- a/vex/otp-28.openvex.json.sigstore.license +++ /dev/null @@ -1,7 +0,0 @@ -%CopyrightBegin% - -SPDX-License-Identifier: Apache-2.0 - -Copyright Ericsson AB 2026. All Rights Reserved. - -%CopyrightEnd% diff --git a/vex/otp-29.openvex.json b/vex/otp-29.openvex.json deleted file mode 100644 index f725acbac854..000000000000 --- a/vex/otp-29.openvex.json +++ /dev/null @@ -1,379 +0,0 @@ -{ - "@context": "https://openvex.dev/ns/v0.2.0", - "@id": "https://openvex.dev/docs/public/otp/vex-otp-29", - "author": "vexctl", - "timestamp": "2025-09-19T10:20:20.759995+02:00", - "last_updated": "2026-06-03T14:23:07.638251938Z", - "version": 28, - "statements": [ - { - "vulnerability": { - "name": "CVE-2016-2183" - }, - "timestamp": "2025-09-19T10:33:18.120131746+02:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@636dfadc70ce26f2473870570bfd9ec352806b1d" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-4575" - }, - "timestamp": "2025-09-19T10:33:18.136216491+02:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@01d5e2318405362b4de5e670c90d9b40a351d053" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2023-45853" - }, - "timestamp": "2025-09-19T10:33:18.152633759+02:00", - "products": [ - { - "@id": "pkg:github/madler/zlib@1a8db63788c34a50e39e273d39b7e1033208aea2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-9232" - }, - "timestamp": "2025-10-03T11:46:13.915995633+02:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@636dfadc70ce26f2473870570bfd9ec352806b1d" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-9231" - }, - "timestamp": "2025-10-03T11:46:13.933696501+02:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@636dfadc70ce26f2473870570bfd9ec352806b1d" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-9230" - }, - "timestamp": "2025-10-03T11:46:13.951288425+02:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@636dfadc70ce26f2473870570bfd9ec352806b1d" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-22184" - }, - "timestamp": "2026-01-19T09:38:08.383632059+01:00", - "products": [ - { - "@id": "pkg:github/madler/zlib@1a8db63788c34a50e39e273d39b7e1033208aea2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-22796" - }, - "timestamp": "2026-01-30T10:03:00.121469502+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-22795" - }, - "timestamp": "2026-01-30T10:03:00.138091702+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69421" - }, - "timestamp": "2026-01-30T10:03:00.156010503+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69420" - }, - "timestamp": "2026-01-30T10:03:00.170810413+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69419" - }, - "timestamp": "2026-01-30T10:03:00.18767587+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-69418" - }, - "timestamp": "2026-01-30T10:03:00.203239185+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-68160" - }, - "timestamp": "2026-01-30T10:03:00.219327921+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-66199" - }, - "timestamp": "2026-01-30T10:03:00.234474744+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-15469" - }, - "timestamp": "2026-01-30T10:03:00.250400479+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-15468" - }, - "timestamp": "2026-01-30T10:03:00.266072092+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-15467" - }, - "timestamp": "2026-01-30T10:03:00.281865562+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2025-11187" - }, - "timestamp": "2026-01-30T10:03:00.297724197+01:00", - "products": [ - { - "@id": "pkg:github/openssl/openssl@7b371d80d959ec9ab4139d09d78e83c090de9779" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-27171" - }, - "timestamp": "2026-02-24T14:43:15.318240739+01:00", - "products": [ - { - "@id": "pkg:github/madler/zlib@1a8db63788c34a50e39e273d39b7e1033208aea2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_in_execute_path" - }, - { - "vulnerability": { - "name": "CVE-2024-58249" - }, - "timestamp": "2026-02-25T10:57:16.696091358+01:00", - "products": [ - { - "@id": "pkg:github//KhronosGroup/OpenGL-Refpages@dc585039bbd426829e3433002023a93f9bedd0c2" - } - ], - "status": "not_affected", - "justification": "vulnerable_code_not_present" - }, - { - "vulnerability": { - "name": "CVE-2026-42790" - }, - "timestamp": "2026-06-03T14:23:07.551401557Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-29.0" - }, - { - "@id": "pkg:otp/public_key@1.21" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.21.1", - "action_statement_timestamp": "2026-06-03T14:23:07.551401557Z" - }, - { - "vulnerability": { - "name": "CVE-2026-42790" - }, - "timestamp": "2026-06-03T14:23:07.569358328Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-29.0.1" - }, - { - "@id": "pkg:otp/public_key@1.21.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-42789" - }, - "timestamp": "2026-06-03T14:23:07.586585922Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-29.0" - }, - { - "@id": "pkg:otp/public_key@1.21" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.21.1", - "action_statement_timestamp": "2026-06-03T14:23:07.586585922Z" - }, - { - "vulnerability": { - "name": "CVE-2026-42789" - }, - "timestamp": "2026-06-03T14:23:07.603776937Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-29.0.1" - }, - { - "@id": "pkg:otp/public_key@1.21.1" - } - ], - "status": "fixed" - }, - { - "vulnerability": { - "name": "CVE-2026-42791" - }, - "timestamp": "2026-06-03T14:23:07.621031069Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-29.0" - }, - { - "@id": "pkg:otp/public_key@1.21" - } - ], - "status": "affected", - "action_statement": "Update to any of the following versions: pkg:otp/public_key@1.21.1", - "action_statement_timestamp": "2026-06-03T14:23:07.621031069Z" - }, - { - "vulnerability": { - "name": "CVE-2026-42791" - }, - "timestamp": "2026-06-03T14:23:07.638252539Z", - "products": [ - { - "@id": "pkg:github/erlang/otp@OTP-29.0.1" - }, - { - "@id": "pkg:otp/public_key@1.21.1" - } - ], - "status": "fixed" - } - ] -} diff --git a/vex/otp-29.openvex.json.license b/vex/otp-29.openvex.json.license deleted file mode 100644 index 1ea854fee3f9..000000000000 --- a/vex/otp-29.openvex.json.license +++ /dev/null @@ -1,7 +0,0 @@ -%CopyrightBegin% - -SPDX-License-Identifier: Apache-2.0 - -Copyright Ericsson AB 2025. All Rights Reserved. - -%CopyrightEnd% diff --git a/vex/otp-29.openvex.json.sigstore b/vex/otp-29.openvex.json.sigstore deleted file mode 100644 index 0ba3d064a30e..000000000000 --- a/vex/otp-29.openvex.json.sigstore +++ /dev/null @@ -1 +0,0 @@ -{"mediaType":"application/vnd.dev.sigstore.bundle.v0.3+json","verificationMaterial":{"certificate":{"rawBytes":"MIIG9zCCBn2gAwIBAgIUG4zAoFm58meDXEW0d2XhJGtoPpcwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjYwNjAzMTQyNDE2WhcNMjYwNjAzMTQzNDE2WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEcCI0xFGE2ZR6F4nZcbWRF0v/hUiHS17lgx4wekr8Aggej7+1kEOzclN/A8Ftm+uTf3Wg2JO8tmHLOqxNqIOA7KOCBZwwggWYMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUCMe2ix0as1jmw1Rrua7F9M1OcRMwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8waAYDVR0RAQH/BF4wXIZaaHR0cHM6Ly9naXRodWIuY29tL2VybGFuZy9vdHAvLmdpdGh1Yi93b3JrZmxvd3Mvc2lnc3RvcmUtdXBkYXRlci55bWxAcmVmcy9wdWxsLzExMTkxL21lcmdlMDkGCisGAQQBg78wAQEEK2h0dHBzOi8vdG9rZW4uYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wGgYKKwYBBAGDvzABAgQMcHVsbF9yZXF1ZXN0MDYGCisGAQQBg78wAQMEKGVjZWU1NzI0M2Y0ODYyNjgxMWYzZDhiYWM3YmY4YzRlNWVlNmRiNDMwIwYKKwYBBAGDvzABBAQVVXBkYXRlIFNpZ3N0b3JlIEZpbGVzMBgGCisGAQQBg78wAQUECmVybGFuZy9vdHAwIwYKKwYBBAGDvzABBgQVcmVmcy9wdWxsLzExMTkxL21lcmdlMDsGCisGAQQBg78wAQgELQwraHR0cHM6Ly90b2tlbi5hY3Rpb25zLmdpdGh1YnVzZXJjb250ZW50LmNvbTBqBgorBgEEAYO/MAEJBFwMWmh0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwLy5naXRodWIvd29ya2Zsb3dzL3NpZ3N0b3JlLXVwZGF0ZXIueW1sQHJlZnMvcHVsbC8xMTE5MS9tZXJnZTA4BgorBgEEAYO/MAEKBCoMKGVjZWU1NzI0M2Y0ODYyNjgxMWYzZDhiYWM3YmY4YzRlNWVlNmRiNDMwHQYKKwYBBAGDvzABCwQPDA1naXRodWItaG9zdGVkMC0GCisGAQQBg78wAQwEHwwdaHR0cHM6Ly9naXRodWIuY29tL2VybGFuZy9vdHAwOAYKKwYBBAGDvzABDQQqDChlY2VlNTcyNDNmNDg2MjY4MTFmM2Q4YmFjN2JmOGM0ZTVlZTZkYjQzMCUGCisGAQQBg78wAQ4EFwwVcmVmcy9wdWxsLzExMTkxL21lcmdlMBYGCisGAQQBg78wAQ8ECAwGMzc0OTI3MCkGCisGAQQBg78wARAEGwwZaHR0cHM6Ly9naXRodWIuY29tL2VybGFuZzAWBgorBgEEAYO/MAERBAgMBjE1MzM5MzBqBgorBgEEAYO/MAESBFwMWmh0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwLy5naXRodWIvd29ya2Zsb3dzL3NpZ3N0b3JlLXVwZGF0ZXIueW1sQHJlZnMvcHVsbC8xMTE5MS9tZXJnZTA4BgorBgEEAYO/MAETBCoMKGVjZWU1NzI0M2Y0ODYyNjgxMWYzZDhiYWM3YmY4YzRlNWVlNmRiNDMwHAYKKwYBBAGDvzABFAQODAxwdWxsX3JlcXVlc3QwUQYKKwYBBAGDvzABFQRDDEFodHRwczovL2dpdGh1Yi5jb20vZXJsYW5nL290cC9hY3Rpb25zL3J1bnMvMjY4OTExNTk1MTYvYXR0ZW1wdHMvMTAWBgorBgEEAYO/MAEWBAgMBnB1YmxpYzAsBgorBgEEAYO/MAEYBB4MHHJlcG86ZXJsYW5nL290cDpwdWxsX3JlcXVlc3QwgYkGCisGAQQB1nkCBAIEewR5AHcAdQDdPTBqxscRMmMZHhyZZzcCokpeuN48rf+HinKALynujgAAAZ6N3udLAAAEAwBGMEQCIHJKE3DAJnl8wByrvIWGcmdkB2ZMdGS3FU0oP/qWD7U5AiBw41nKQAfN33IH3fN3ABvgZbq3C6QzZI5xXh3kJdzqkTAKBggqhkjOPQQDAwNoADBlAjEA7PI/Au8n9De8f7B4M/6mWP7K7E5m16LaS2Wq3t6DAvyVRoUFL3e8v7Hu8q/LJwnGAjA7I/8BE2O1TmR+VQWNh7ajDWT3yvfAARav0d6AK9JX9bisrgsWcQ5z2ueZyf+MGKc="},"tlogEntries":[{"logIndex":"1710277081","logId":{"keyId":"wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="},"kindVersion":{"kind":"dsse","version":"0.0.1"},"integratedTime":"1780496656","inclusionPromise":{"signedEntryTimestamp":"MEYCIQD79YgopD6JzLIidRYsV75bq1rMc2dS9FtN3lfSzPERbwIhAN4wq/xL5/ixJtPhLV43jDa3FxsjqmFFIJwrucb7jMKp"},"inclusionProof":{"logIndex":"1588372819","rootHash":"20TIzgjsxgS8aGDmzJL+zph1VY2bqrWbkQ9coS/yaoc=","treeSize":"1588372828","hashes":["iF2rE088N9KQRrq026IMEgGQHRTud+FNpZyv+J1XgQY=","iEReAFBBsYMfOiqrKLbbdzFBsVOCUjaOw4Ad7JHn0p0=","lXhXGDly5dWd1GDK1zWcMovPxeLsJiNx5hdwDPyRB1g=","axA9VnGlrggdWvqG6zJl+P7+DvXuEDoamoU6nsRxDn8=","pM0GncDQusDxZ40sD17D6h03NfyU3p8do0W5wl+j1oM=","r/AdB81Uj6TGbOXButx6Rs1fqJTifs6uyKgWOgco33Q=","J4xJALDVXMCEZ0/2LaSgwfEM2ragaacMgM80mGwWw/k=","BTohSxWFbLad+xniUwFYTkgEPzpD0sGtgONtSzFOyf0=","vX2O3QNhq34qiBOmXYK03F0QE/0c7Z+eNB3GeQl1YEE=","VhYrv8/yc+MbvPNDU0BS08mfIgcWTdnTHcEZ22mctno=","cNFZMDy1QCvSMhnHQtNIPvnqyNW4t7K9rJtLqwbhWLc=","yAsIiHvLiBOMyoqUseT0lWqlj+t22Gd7GYy0fAFDEPc=","5aNRn+UCc6rfNpt2yb0IDfEWXUURb2UdNqGHuAe0Kuk=","/H9g3cQS0WMzt1xN6KYtWYBC93b9C+BulyABJ6kzvew=","NSkfjqosjcbjuITRR3k++3CKLDql/hao4MUycvdrMXc=","hn+ppu7vwlSCi7W1L5Z750bpAdr+WUAJLSUnb8qLy3k=","r5nn9+mbgUQL4m8neTg/XjYkdf2hD/cvZMsNR/v0cBU=","eT+F471g2HJfd43U4j4L1PIBkt4rLbHQd/pOR/rllO0=","DOCeoSMovIvLExkhIvisow9AuNXgeWs4ECkyR6EcqYU="],"checkpoint":{"envelope":"rekor.sigstore.dev - 1193050959916656506\n1588372828\n20TIzgjsxgS8aGDmzJL+zph1VY2bqrWbkQ9coS/yaoc=\n\nā€” rekor.sigstore.dev wNI9ajBEAiBGGwHdOjFsGk5omhgZpeRco8ySnmR/DuJcwSWzITe1bwIgCQmuL2eZ+a768Y52DGIaT/WWiPbMxgPtbJDDcKSZFZQ=\n"}},"canonicalizedBody":"eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiZHNzZSIsInNwZWMiOnsiZW52ZWxvcGVIYXNoIjp7ImFsZ29yaXRobSI6InNoYTI1NiIsInZhbHVlIjoiYTg1MzA5MmZlYTYxZWI0NmQ1ZTg4OWI4NDYyZmQyZTkxODljYjBjMWMwNjdhZTU4Y2Y3N2MwYWZmYzQ4YmQ1MSJ9LCJwYXlsb2FkSGFzaCI6eyJhbGdvcml0aG0iOiJzaGEyNTYiLCJ2YWx1ZSI6ImE2OTMxNTdhZGMzZDg1MDk4YmMwNmM1ZGQ2NWIyYTc3MDg2MjliYzg3ODhkMDI0NDUxOWQ3NTk3YjNhZDZhMDQifSwic2lnbmF0dXJlcyI6W3sic2lnbmF0dXJlIjoiTUVRQ0lDRjU0cGRMYkFDaXNlZUZsVzBscGJWUjRGTnZicXVSWERRWHYvMlN6MUsxQWlCc1gwTTU1a0lhWUlmVXZ3USsxWFM4SmhWT3ZmYmxkM24wVW5wU0I5U1pCUT09IiwidmVyaWZpZXIiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VjNWVrTkRRbTR5WjBGM1NVSkJaMGxWUnpSNlFXOUdiVFU0YldWRVdFVlhNR1F5V0doS1IzUnZVSEJqZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwWmQwNXFRWHBOVkZGNVRrUkZNbGRvWTA1TmFsbDNUbXBCZWsxVVVYcE9SRVV5VjJwQlFVMUdhM2RGZDFsSUNrdHZXa2w2YWpCRFFWRlpTVXR2V2tsNmFqQkVRVkZqUkZGblFVVmpRMGt3ZUVaSFJUSmFValpHTkc1YVkySlhVa1l3ZGk5b1ZXbElVekUzYkdkNE5IY0taV3R5T0VGbloyVnFOeXN4YTBWUGVtTnNUaTlCT0VaMGJTdDFWR1l6VjJjeVNrODRkRzFJVEU5eGVFNXhTVTlCTjB0UFEwSmFkM2RuWjFkWlRVRTBSd3BCTVZWa1JIZEZRaTkzVVVWQmQwbElaMFJCVkVKblRsWklVMVZGUkVSQlMwSm5aM0pDWjBWR1FsRmpSRUY2UVdSQ1owNVdTRkUwUlVablVWVkRUV1V5Q21sNE1HRnpNV3B0ZHpGU2NuVmhOMFk1VFRGUFkxSk5kMGgzV1VSV1VqQnFRa0puZDBadlFWVXpPVkJ3ZWpGWmEwVmFZalZ4VG1wd1MwWlhhWGhwTkZrS1drUTRkMkZCV1VSV1VqQlNRVkZJTDBKR05IZFlTVnBoWVVoU01HTklUVFpNZVRsdVlWaFNiMlJYU1hWWk1qbDBUREpXZVdKSFJuVmFlVGwyWkVoQmRncE1iV1J3WkVkb01WbHBPVE5pTTBweVdtMTRkbVF6VFhaak1teHVZek5TZG1OdFZYUmtXRUpyV1ZoU2JHTnBOVFZpVjNoQlkyMVdiV041T1hka1YzaHpDa3g2UlhoTlZHdDRUREl4YkdOdFpHeE5SR3RIUTJselIwRlJVVUpuTnpoM1FWRkZSVXN5YURCa1NFSjZUMms0ZG1SSE9YSmFWelIxV1ZkT01HRlhPWFVLWTNrMWJtRllVbTlrVjBveFl6SldlVmt5T1hWa1IxWjFaRU0xYW1JeU1IZEhaMWxMUzNkWlFrSkJSMFIyZWtGQ1FXZFJUV05JVm5OaVJqbDVXbGhHTVFwYVdFNHdUVVJaUjBOcGMwZEJVVkZDWnpjNGQwRlJUVVZMUjFacVdsZFZNVTU2U1RCTk1sa3dUMFJaZVU1cVozaE5WMWw2V2tSb2FWbFhUVE5aYlZrMENsbDZVbXhPVjFac1RtMVNhVTVFVFhkSmQxbExTM2RaUWtKQlIwUjJla0ZDUWtGUlZsWllRbXRaV0ZKc1NVWk9jRm96VGpCaU0wcHNTVVZhY0dKSFZub0tUVUpuUjBOcGMwZEJVVkZDWnpjNGQwRlJWVVZEYlZaNVlrZEdkVnA1T1haa1NFRjNTWGRaUzB0M1dVSkNRVWRFZG5wQlFrSm5VVlpqYlZadFkzazVkd3BrVjNoelRIcEZlRTFVYTNoTU1qRnNZMjFrYkUxRWMwZERhWE5IUVZGUlFtYzNPSGRCVVdkRlRGRjNjbUZJVWpCalNFMDJUSGs1TUdJeWRHeGlhVFZvQ2xrelVuQmlNalY2VEcxa2NHUkhhREZaYmxaNldsaEthbUl5TlRCYVZ6VXdURzFPZG1KVVFuRkNaMjl5UW1kRlJVRlpUeTlOUVVWS1FrWjNUVmR0YURBS1pFaENlazlwT0haYU1td3dZVWhXYVV4dFRuWmlVemxzWTIxNGFHSnRZM1ppTTFKM1RIazFibUZZVW05a1YwbDJaREk1ZVdFeVduTmlNMlI2VEROT2NBcGFNMDR3WWpOS2JFeFlWbmRhUjBZd1dsaEpkV1ZYTVhOUlNFcHNXbTVOZG1OSVZuTmlRemg0VFZSRk5VMVRPWFJhV0VwdVdsUkJORUpuYjNKQ1owVkZDa0ZaVHk5TlFVVkxRa052VFV0SFZtcGFWMVV4VG5wSk1FMHlXVEJQUkZsNVRtcG5lRTFYV1hwYVJHaHBXVmROTTFsdFdUUlplbEpzVGxkV2JFNXRVbWtLVGtSTmQwaFJXVXRMZDFsQ1FrRkhSSFo2UVVKRGQxRlFSRUV4Ym1GWVVtOWtWMGwwWVVjNWVtUkhWbXROUXpCSFEybHpSMEZSVVVKbk56aDNRVkYzUlFwSWQzZGtZVWhTTUdOSVRUWk1lVGx1WVZoU2IyUlhTWFZaTWpsMFRESldlV0pIUm5WYWVUbDJaRWhCZDA5QldVdExkMWxDUWtGSFJIWjZRVUpFVVZGeENrUkRhR3haTWxac1RsUmplVTVFVG0xT1JHY3lUV3BaTkUxVVJtMU5NbEUwV1cxR2FrNHlTbTFQUjAwd1dsUldiRnBVV210WmFsRjZUVU5WUjBOcGMwY0tRVkZSUW1jM09IZEJVVFJGUm5kM1ZtTnRWbTFqZVRsM1pGZDRjMHg2UlhoTlZHdDRUREl4YkdOdFpHeE5RbGxIUTJselIwRlJVVUpuTnpoM1FWRTRSUXBEUVhkSFRYcGpNRTlVU1ROTlEydEhRMmx6UjBGUlVVSm5OemgzUVZKQlJVZDNkMXBoU0ZJd1kwaE5Oa3g1T1c1aFdGSnZaRmRKZFZreU9YUk1NbFo1Q21KSFJuVmFla0ZYUW1kdmNrSm5SVVZCV1U4dlRVRkZVa0pCWjAxQ2FrVXhUWHBOTlUxNlFuRkNaMjl5UW1kRlJVRlpUeTlOUVVWVFFrWjNUVmR0YURBS1pFaENlazlwT0haYU1td3dZVWhXYVV4dFRuWmlVemxzWTIxNGFHSnRZM1ppTTFKM1RIazFibUZZVW05a1YwbDJaREk1ZVdFeVduTmlNMlI2VEROT2NBcGFNMDR3WWpOS2JFeFlWbmRhUjBZd1dsaEpkV1ZYTVhOUlNFcHNXbTVOZG1OSVZuTmlRemg0VFZSRk5VMVRPWFJhV0VwdVdsUkJORUpuYjNKQ1owVkZDa0ZaVHk5TlFVVlVRa052VFV0SFZtcGFWMVV4VG5wSk1FMHlXVEJQUkZsNVRtcG5lRTFYV1hwYVJHaHBXVmROTTFsdFdUUlplbEpzVGxkV2JFNXRVbWtLVGtSTmQwaEJXVXRMZDFsQ1FrRkhSSFo2UVVKR1FWRlBSRUY0ZDJSWGVITllNMHBzWTFoV2JHTXpVWGRWVVZsTFMzZFpRa0pCUjBSMmVrRkNSbEZTUkFwRVJVWnZaRWhTZDJONmIzWk1NbVJ3WkVkb01WbHBOV3BpTWpCMldsaEtjMWxYTlc1TU1qa3dZME01YUZrelVuQmlNalY2VEROS01XSnVUWFpOYWxrMENrOVVSWGhPVkdzeFRWUlpkbGxZVWpCYVZ6RjNaRWhOZGsxVVFWZENaMjl5UW1kRlJVRlpUeTlOUVVWWFFrRm5UVUp1UWpGWmJYaHdXWHBCYzBKbmIzSUtRbWRGUlVGWlR5OU5RVVZaUWtJMFRVaElTbXhqUnpnMldsaEtjMWxYTlc1TU1qa3dZMFJ3ZDJSWGVITllNMHBzWTFoV2JHTXpVWGRuV1d0SFEybHpSd3BCVVZGQ01XNXJRMEpCU1VWbGQxSTFRVWhqUVdSUlJHUlFWRUp4ZUhOalVrMXRUVnBJYUhsYVducGpRMjlyY0dWMVRqUTRjbVlyU0dsdVMwRk1lVzUxQ21wblFVRkJXalpPTTNWa1RFRkJRVVZCZDBKSFRVVlJRMGxJU2t0Rk0wUkJTbTVzT0hkQ2VYSjJTVmRIWTIxa2EwSXlXazFrUjFNelJsVXdiMUF2Y1ZjS1JEZFZOVUZwUW5jME1XNUxVVUZtVGpNelNVZ3paazR6UVVKMloxcGljVE5ETmxGNldrazFlRmhvTTJ0S1pIcHhhMVJCUzBKblozRm9hMnBQVUZGUlJBcEJkMDV2UVVSQ2JFRnFSVUUzVUVrdlFYVTRiamxFWlRobU4wSTBUUzgyYlZkUU4wczNSVFZ0TVRaTVlWTXlWM0V6ZERaRVFYWjVWbEp2VlVaTU0yVTRDblkzU0hVNGNTOU1TbmR1UjBGcVFUZEpMemhDUlRKUE1WUnRVaXRXVVZkT2FEZGhha1JYVkRONWRtWkJRVkpoZGpCa05rRkxPVXBZT1dKcGMzSm5jMWNLWTFFMWVqSjFaVnA1Wml0TlIwdGpQUW90TFMwdExVVk9SQ0JEUlZKVVNVWkpRMEZVUlMwdExTMHRDZz09In1dfX0="}],"timestampVerificationData":{}},"dsseEnvelope":{"payload":"eyJfdHlwZSI6Imh0dHBzOi8vaW4tdG90by5pby9TdGF0ZW1lbnQvdjEiLCJzdWJqZWN0IjpbeyJuYW1lIjoib3RwLTI2Lm9wZW52ZXguanNvbiIsImRpZ2VzdCI6eyJzaGEyNTYiOiI5N2M1ZDBmOGNiMzU5OTYzMGEwZjU0NDQzYTRmNzU5NjlhMjFlOGQ4ZmI5OTRjZjM1Yzk0YmQyYzk3MDA5M2JhIn19LHsibmFtZSI6Im90cC0yNy5vcGVudmV4Lmpzb24iLCJkaWdlc3QiOnsic2hhMjU2IjoiZmEwMTQxM2FiZTk4NThkODk2YjIzMjAyNWViMDJlZDMwNGYyNzRhZTA4MTMyNGE1MTAzZWQ4ODlhOGI4MGE2NCJ9fSx7Im5hbWUiOiJvdHAtMjgub3BlbnZleC5qc29uIiwiZGlnZXN0Ijp7InNoYTI1NiI6ImNkMjZjYzU5Yzg3OTdhZmEyOWZhNzFkMGJhMjU4ZGRkMTEzYWMxM2I4NTY4ZGU1Y2EyNTc0MTY1NTg2ZjYyYTEifX0seyJuYW1lIjoib3RwLTI5Lm9wZW52ZXguanNvbiIsImRpZ2VzdCI6eyJzaGEyNTYiOiJmMDVkNjY3YzhjYzkxYjc4MzNlZGZlYmE0NjE5OTViYmU3NDI1NmUyYmYyNGZiMzI5NDFhMzIxNzQ0MzkwZGM5In19XSwicHJlZGljYXRlVHlwZSI6Imh0dHBzOi8vc2xzYS5kZXYvcHJvdmVuYW5jZS92MSIsInByZWRpY2F0ZSI6eyJidWlsZERlZmluaXRpb24iOnsiYnVpbGRUeXBlIjoiaHR0cHM6Ly9hY3Rpb25zLmdpdGh1Yi5pby9idWlsZHR5cGVzL3dvcmtmbG93L3YxIiwiZXh0ZXJuYWxQYXJhbWV0ZXJzIjp7IndvcmtmbG93Ijp7InJlZiI6InJlZnMvcHVsbC8xMTE5MS9tZXJnZSIsInJlcG9zaXRvcnkiOiJodHRwczovL2dpdGh1Yi5jb20vZXJsYW5nL290cCIsInBhdGgiOiIuZ2l0aHViL3dvcmtmbG93cy9zaWdzdG9yZS11cGRhdGVyLnltbCJ9fSwiaW50ZXJuYWxQYXJhbWV0ZXJzIjp7ImdpdGh1YiI6eyJldmVudF9uYW1lIjoicHVsbF9yZXF1ZXN0IiwicmVwb3NpdG9yeV9pZCI6IjM3NDkyNyIsInJlcG9zaXRvcnlfb3duZXJfaWQiOiIxNTMzOTMiLCJydW5uZXJfZW52aXJvbm1lbnQiOiJnaXRodWItaG9zdGVkIn19LCJyZXNvbHZlZERlcGVuZGVuY2llcyI6W3sidXJpIjoiZ2l0K2h0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwQHJlZnMvcHVsbC8xMTE5MS9tZXJnZSIsImRpZ2VzdCI6eyJnaXRDb21taXQiOiJlY2VlNTcyNDNmNDg2MjY4MTFmM2Q4YmFjN2JmOGM0ZTVlZTZkYjQzIn19XX0sInJ1bkRldGFpbHMiOnsiYnVpbGRlciI6eyJpZCI6Imh0dHBzOi8vZ2l0aHViLmNvbS9lcmxhbmcvb3RwLy5naXRodWIvd29ya2Zsb3dzL3NpZ3N0b3JlLXVwZGF0ZXIueW1sQHJlZnMvcHVsbC8xMTE5MS9tZXJnZSJ9LCJtZXRhZGF0YSI6eyJpbnZvY2F0aW9uSWQiOiJodHRwczovL2dpdGh1Yi5jb20vZXJsYW5nL290cC9hY3Rpb25zL3J1bnMvMjY4OTExNTk1MTYvYXR0ZW1wdHMvMSJ9fX19","payloadType":"application/vnd.in-toto+json","signatures":[{"sig":"MEQCICF54pdLbACiseeFlW0lpbVR4FNvbquRXDQXv/2Sz1K1AiBsX0M55kIaYIfUvwQ+1XS8JhVOvfbld3n0UnpSB9SZBQ=="}]}} diff --git a/vex/otp-29.openvex.json.sigstore.license b/vex/otp-29.openvex.json.sigstore.license deleted file mode 100644 index 36976e9b8949..000000000000 --- a/vex/otp-29.openvex.json.sigstore.license +++ /dev/null @@ -1,7 +0,0 @@ -%CopyrightBegin% - -SPDX-License-Identifier: Apache-2.0 - -Copyright Ericsson AB 2026. All Rights Reserved. - -%CopyrightEnd%