Ericsson · Erlang/Otp · CVE-2024-53846
**Name of the Vulnerable Software and Affected Versions**
Erlang OTP versions 25.3.2.8 through 27.0
Erlang OTP version 26.2
Erlang OTP versions prior to 27.1.3
**Description**
A regression in the ssl application of Erlang OTP causes a server or client to successfully verify the peer even when the peer certificate presents an extended key usage that does not match the peer's role. A remote attacker can exploit this to conduct a man-in-the-middle (MitM) attack and gain unauthorized access. The vulnerability stems from errors in the certificate authentication procedure and incorrect certificate checking.
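The check that the regression skips is the one defined in RFC 5280 section 4.2.1.12: when a certificate carries the extended key usage extension, it may only be used for a purpose the extension lists, so a TLS server must present id-kp-serverAuth (or anyExtendedKeyUsage) and a TLS client id-kp-clientAuth. The following added example, written here for illustration and not taken from Erlang/OTP or its ssl application, shows what a correct verifier has to do: decode the extension value and reject a peer whose certificate is restricted to the wrong role. The function names (`parse_ext_key_usage`, `peer_allowed_for_role`) and the DER byte strings are constructed for this example.

```python
"""Minimal DER parser for the X.509 ExtendedKeyUsage extension value and the
role check a TLS peer verifier must perform on it.

Constructed example, not Erlang/OTP code: it demonstrates the rule that the
OTP ssl application is supposed to enforce and that the regression bypassed.
Standard library only, so it runs offline.
"""
from typing import List, Optional, Tuple

# Key-purpose OIDs from RFC 5280 section 4.2.1.12
ID_KP_SERVER_AUTH = "1.3.6.1.5.5.7.3.1"
ID_KP_CLIENT_AUTH = "1.3.6.1.5.5.7.3.2"
ANY_EXTENDED_KEY_USAGE = "2.5.29.37.0"

ROLE_TO_PURPOSE = {"server": ID_KP_SERVER_AUTH, "client": ID_KP_CLIENT_AUTH}


def _read_length(data: bytes, pos: int) -> Tuple[int, int]:
    """Decode a DER length at data[pos]; return (length, position after it)."""
    first = data[pos]
    if first < 0x80:                      # short form: single byte
        return first, pos + 1
    num_bytes = first & 0x7F              # long form: 0x8N then N length bytes
    if num_bytes == 0 or num_bytes > 4:
        raise ValueError("unsupported DER length encoding")
    length = int.from_bytes(data[pos + 1:pos + 1 + num_bytes], "big")
    return length, pos + 1 + num_bytes


def _decode_oid(content: bytes) -> str:
    """Turn the content octets of an OBJECT IDENTIFIER into dotted form."""
    if not content:
        raise ValueError("empty OID")
    first = content[0]
    # The first octet packs the first two arcs: 40 * arc1 + arc2.
    arcs = [first // 40, first % 40] if first < 80 else [2, first - 80]
    value, pending = 0, False
    for byte in content[1:]:              # base-128, high bit = continuation
        value = (value << 7) | (byte & 0x7F)
        pending = bool(byte & 0x80)
        if not pending:
            arcs.append(value)
            value = 0
    if pending:
        raise ValueError("truncated OID sub-identifier")
    return ".".join(str(a) for a in arcs)


def parse_ext_key_usage(der: bytes) -> List[str]:
    """Parse ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId."""
    if not der or der[0] != 0x30:
        raise ValueError("ExtKeyUsage value must be a SEQUENCE")
    seq_len, pos = _read_length(der, 1)
    end = pos + seq_len
    if end != len(der):
        raise ValueError("trailing or missing bytes in SEQUENCE")
    purposes: List[str] = []
    while pos < end:
        if der[pos] != 0x06:
            raise ValueError("KeyPurposeId must be an OBJECT IDENTIFIER")
        oid_len, pos = _read_length(der, pos + 1)
        purposes.append(_decode_oid(der[pos:pos + oid_len]))
        pos += oid_len
    if not purposes:
        raise ValueError("ExtKeyUsage must contain at least one KeyPurposeId")
    return purposes


def peer_allowed_for_role(eku_der: Optional[bytes], role: str) -> bool:
    """Decide whether a peer certificate may act as `role` ("server"/"client").

    A certificate without the extension is unrestricted (RFC 5280). When the
    extension is present, the purpose matching the role, or anyExtendedKeyUsage,
    must be listed; anything else is a mismatch and verification must fail.
    """
    if eku_der is None:
        return True
    purposes = set(parse_ext_key_usage(eku_der))
    return ROLE_TO_PURPOSE[role] in purposes or ANY_EXTENDED_KEY_USAGE in purposes


# Constructed DER values of the extension (extnValue contents), not real certs.
EKU_SERVER_ONLY = bytes.fromhex("300a06082b06010505070301")
EKU_CLIENT_ONLY = bytes.fromhex("300a06082b06010505070302")
EKU_SERVER_AND_CLIENT = bytes.fromhex("301406082b0601050507030106082b06010505070302")
EKU_ANY = bytes.fromhex("30060604551d2500")

if __name__ == "__main__":
    # A client-only certificate offered by a TLS server is the case a correct
    # verifier must reject; the advisory describes this check being skipped.
    for label, eku in [("server-only", EKU_SERVER_ONLY), ("client-only", EKU_CLIENT_ONLY),
                       ("both", EKU_SERVER_AND_CLIENT), ("any", EKU_ANY)]:
        print(f"{label:12s} purposes={parse_ext_key_usage(eku)} "
              f"ok_as_server={peer_allowed_for_role(eku, 'server')}")
```

In a real verifier this decision runs after chain building and signature checks, on the leaf certificate's extension value; the point of the example is that a peer presenting only the other role's purpose must be rejected rather than accepted.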
**Recommendations**
For Erlang OTP versions 25.3.2.8 through 27.0, upgrade to a version later than 27.1.3.
For Erlang OTP version 26.2, upgrade to a version later than 27.1.3.
For Erlang OTP versions prior to 27.1.3, upgrade to version 27.1.3 or later.
As a temporary workaround, consider restricting the use of the ssl application until a patch is available.