Topics tagged security

Topic	Replies	Views	Activity
CVE-2025-32433: Major vulnerability in OTP's SSH server Chat / Discussions security You may have seen that a critical security vulnerability has been disclosed in the OTP SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions. If your…	12	1101	April 23, 2025
How do you secure your dev machine/environment Dev Env & Tools security , dev-environment	7	248	April 23, 2025
Thinking Elixir Podcast 250 - EEF Elections and Security Blogs & Podcasts security , podcasts , via-devtalk , podcasts-by-brainlid , eef , sbom	0	29	April 22, 2025
Minor Ash CVE: Email link auto-click account confirmation vulnerability Ash News security , ash , security-update	0	96	April 14, 2025
Thinking Elixir 248 - Security Insights with Paraxial Blogs & Podcasts security , postgres , podcasts , oban , via-devtalk , podcasts-by-brainlid , in-the-news	1	80	April 8, 2025
Should phx.gen.auth return 401s Chat / Discussions security , phoenix	24	186	April 2, 2025
Thinking Elixir 245 - Supply Chain Security and SBoMs Blogs & Podcasts security , podcasts , wasm , via-devtalk , podcasts-by-brainlid , eef , sbom	0	49	March 18, 2025
ExAcme - a library for issuing certificates via ACME services like Let's Encrypt Libraries security , letsencrypt , certificates , acme	0	80	March 7, 2025
Podcast: Thinking Elixir 242 - Magic Links and Sudo Mode Blogs & Podcasts debugging , authentication , security , podcasts , via-devtalk , podcasts-by-brainlid , in-the-news	0	49	February 25, 2025
Elixir/Phoenix security considerations? Questions / Help security , phoenix	3	416	January 30, 2025
Using SIM card as a secure storage Nerves Chat security	3	155	January 21, 2025
How to set security headers in phoenix live view? Questions / Help security , phoenix , liveview	7	290	January 6, 2025
Paraxial.io - Bot prevention for Elixir/Phoenix apps Chat / Discussions security , bots	11	2141	December 26, 2024
How to instruct Phoenix to set secure flag (HTTPS only) on session cookie? Questions / Help security , phoenix , session	8	5393	December 6, 2024
WebAuthnLiveComponent - Passwordless Auth for LiveView Apps Libraries authentication , security , phoenix , liveview	42	6282	December 3, 2024
Phx2Ban - a web application firewall built for Phoenix Chat / Discussions security , phoenix , bandit , phx2ban	8	754	November 29, 2024
Default NimbleTOTP & Hammer for Phoenix 1.7.xx Questions / Help security	0	68	November 8, 2024
Why is it recommended to use a GenServer when reading the Cloak encryption key as an env var? Questions / Help security , cybersecurity , cloak , cloak_ecto	2	137	October 27, 2024
Secure elements, beyond TLS Nerves Chat security	9	366	October 8, 2024
Are there any best practices to secure a Flame server instance? Questions / Help security , flame	1	121	September 24, 2024
Phoenix Blog Post: Content Security Policy configuration (in Phoenix with LiveView) Blogs & Podcasts security , phoenix , blog-post , blogs-by-paulanthonywilson	7	4354	September 17, 2024
Proof of Concept: Detect SQLi Payloads in Handle Event Params Chat / Discussions security , liveview	2	150	September 1, 2024
DeceptionRouter - trap scanners, spambots, and crawlers in an infinite number of pointless requests Libraries security , deception_router	1	163	August 31, 2024
Secure boot with Raspberry Pi CM4 and Nerves Nerves Chat security	24	1840	August 14, 2024
Do elixir processes provide similar isolation as os processes? (I'm trying to understand the risk of a sandbox escape from a v8 isolate) Questions / Help security , processes , chromev8	4	253	June 28, 2024
Wax: WebAuthn for Elixir Libraries authentication , security	8	2842	June 11, 2024
Improving Ecto ergonomics in ad-hoc querying scenarios Chat / Discussions ecto , security , ecto_sql	0	181	May 28, 2024
ARM TrustZone secure execution for embedded projects Nerves Chat security	0	148	May 28, 2024
Using LiveView without session and cookie (sometimes) Questions / Help security , phoenix , session , liveview	2	276	May 17, 2024
Backdoor in the xz library - check your environments Chat / Discussions security	10	4076	April 1, 2024

CVE-2025-32433: Major vulnerability in OTP's SSH server

security

You may have seen that a critical security vulnerability has been disclosed in the OTP SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions. If your…