CVE-2025-4748 | Erlang OTP up to 28.0.1 lib/stdlib/src/zip.erl path traversal (GHSA-9g37-pgj9-wrhc)

A vulnerability was found in Erlang OTP up to 28.0.1. It has been rated as critical. The issue affects an unknown functionality of the library lib/stdlib/src/zip.erl, and manipulation leads to path traversal.

This vulnerability is tracked as CVE-2025-4748. The attack requires local access. No exploit is available.

It is recommended to apply a patch to fix this issue.