{ "affected": [ { "ecosystem_specific": { "urgency": "low" }, "package": { "ecosystem": "Debian:11", "name": "erlang" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:14.b.3-dfsg-1" } ], "type": "ECOSYSTEM" } ] }, { "ecosystem_specific": { "urgency": "low" }, "package": { "ecosystem": "Debian:12", "name": "erlang" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:14.b.3-dfsg-1" } ], "type": "ECOSYSTEM" } ] }, { "ecosystem_specific": { "urgency": "low" }, "package": { "ecosystem": "Debian:13", "name": "erlang" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:14.b.3-dfsg-1" } ], "type": "ECOSYSTEM" } ] }, { "ecosystem_specific": { "urgency": "low" }, "package": { "ecosystem": "Debian:14", "name": "erlang" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1:14.b.3-dfsg-1" } ], "type": "ECOSYSTEM" } ] } ], "details": "The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.", "id": "DEBIAN-CVE-2011-0766", "modified": "2026-04-28T19:53:42.478013899Z", "published": "2011-05-31T20:55:01.780Z", "references": [ { "type": "ADVISORY", "url": "https://security-tracker.debian.org/tracker/CVE-2011-0766" } ], "upstream": [ "CVE-2011-0766" ] }