{"id":"AZL-78285","summary":"CVE-2026-21620 affecting package erlang 26.2.5.15-1","details":"Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftp_file modules), erlang otp inets (tftp_file modules), erlang otp tftp (tftp_file modules) allows Relative Path Traversal. This vulnerability is associated with program files lib/tftp/src/tftp_file.erl, src/tftp_file.erl.\n\nThis issue affects otp: from 17.0, from 07b8f441ca711f9812fad9e9115bab3c3aa92f79; otp: from 5.10 before 7.0; otp: from 1.0.","modified":"2026-04-21T04:34:23.520909Z","published":"2026-02-20T11:15:56Z","upstream":["CVE-2026-21620"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21620"}],"affected":[{"package":{"name":"erlang","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/erlang"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"26.2.5.15-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-78285.json"}}],"schema_version":"1.7.5"}