{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-48040", "assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "state": "PUBLISHED", "assignerShortName": "EEF", "dateReserved": "2025-05-15T08:40:25.455Z", "datePublished": "2025-09-11T08:14:19.671Z", "dateUpdated": "2025-09-12T03:19:04.361Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "modules": ["ssh_sftp"], "packageName": "ssh", "product": "OTP", "programFiles": ["lib/ssh/src/ssh_sftpd.erl"], "repo": "https://github.com/erlang/otp", "vendor": "Erlang", "versions": [{"changes": [{"at": "pkg:otp/ssh@5.3.3", "status": "unaffected"}, {"at": "pkg:otp/ssh@5.2.11.3", "status": "unaffected"}, {"at": "pkg:otp/ssh@5.1.4.12", "status": "unaffected"}], "lessThan": "pkg:otp/ssh@*", "status": "affected", "version": "pkg:otp/ssh@3.0.1", "versionType": "purl"}, {"changes": [{"at": "28.0.3", "status": "unaffected"}, {"at": "27.3.4.3", "status": "unaffected"}, {"at": "26.2.5.15", "status": "unaffected"}], "lessThan": "*", "status": "affected", "version": "17.0", "versionType": "otp"}, {"changes": [{"at": "7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a", "status": "unaffected"}, {"at": "548f1295d86d0803da884db8685cc16d461d0d5a", "status": "unaffected"}], "lessThan": "*", "status": "affected", "version": "07b8f441ca711f9812fad9e9115bab3c3aa92f79", "versionType": "git"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", "versionEndExcluding": "26.2.5.15", "vulnerable": true}, {"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", "versionEndExcluding": "27.3.4.3", "versionStartIncluding": "27.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", "versionEndExcluding": "28.0.3", "versionStartIncluding": "28.0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "credits": [{"lang": "en", "type": "remediation developer", "value": "Jakub Witczak"}, {"lang": "en", "type": "remediation reviewer", "value": "Ingela Andin"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding.<p> This vulnerability is associated with program files <tt>lib/ssh/src/ssh_sftpd.erl</tt>.</p><p>This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.</p>"}], "value": "Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl.\n\nThis issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12."}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}, {"capecId": "CAPEC-125", "descriptions": [{"lang": "en", "value": "CAPEC-125 Flooding"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "shortName": "EEF", "dateUpdated": "2025-09-12T03:19:04.361Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://github.com/erlang/otp/security/advisories/GHSA-h7rg-6rjg-4cph"}, {"tags": ["x_version-scheme"], "url": "https://www.erlang.org/doc/system/versions.html#order-of-versions"}, {"tags": ["patch"], "url": "https://github.com/erlang/otp/pull/10162"}, {"tags": ["patch"], "url": "https://github.com/erlang/otp/commit/7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a"}, {"tags": ["patch"], "url": "https://github.com/erlang/otp/commit/548f1295d86d0803da884db8685cc16d461d0d5a"}], "source": {"discovery": "INTERNAL"}, "title": "Malicious Key Exchange Messages may Lead to Excessive Resource Consumption", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<ul><li>set option <tt>parallel_login</tt> to <tt>false</tt></li><li>reduce <tt>max_sessions</tt> option</li></ul>"}], "value": "* set option parallel_login to false\n * reduce max_sessions option"}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-11T13:30:33.529743Z", "id": "CVE-2025-48040", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-11T14:36:29.640Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-48040", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-11T13:30:33.529743Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-11T13:30:37.281Z"}}], "cna": {"title": "Malicious Key Exchange Messages may Lead to Excessive Resource Consumption", "source": {"discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "remediation developer", "value": "Jakub Witczak"}, {"lang": "en", "type": "remediation reviewer", "value": "Ingela Andin"}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}, {"capecId": "CAPEC-125", "descriptions": [{"lang": "en", "value": "CAPEC-125 Flooding"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"], "repo": "https://github.com/erlang/otp", "vendor": "Erlang", "modules": ["ssh_sftp"], "product": "OTP", "versions": [{"status": "affected", "changes": [{"at": "pkg:otp/ssh@5.3.3", "status": "unaffected"}, {"at": "pkg:otp/ssh@5.2.11.3", "status": "unaffected"}, {"at": "pkg:otp/ssh@5.1.4.12", "status": "unaffected"}], "version": "pkg:otp/ssh@3.0.1", "lessThan": "pkg:otp/ssh@*", "versionType": "purl"}, {"status": "affected", "changes": [{"at": "28.0.3", "status": "unaffected"}, {"at": "27.3.4.3", "status": "unaffected"}, {"at": "26.2.5.15", "status": "unaffected"}], "version": "17.0", "lessThan": "*", "versionType": "otp"}, {"status": "affected", "changes": [{"at": "7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a", "status": "unaffected"}, {"at": "548f1295d86d0803da884db8685cc16d461d0d5a", "status": "unaffected"}], "version": "07b8f441ca711f9812fad9e9115bab3c3aa92f79", "lessThan": "*", "versionType": "git"}], "packageName": "ssh", "programFiles": ["lib/ssh/src/ssh_sftpd.erl"], "defaultStatus": "unknown"}], "references": [{"url": "https://github.com/erlang/otp/security/advisories/GHSA-h7rg-6rjg-4cph", "tags": ["vendor-advisory"]}, {"url": "https://www.erlang.org/doc/system/versions.html#order-of-versions", "tags": ["x_version-scheme"]}, {"url": "https://github.com/erlang/otp/pull/10162", "tags": ["patch"]}, {"url": "https://github.com/erlang/otp/commit/7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a", "tags": ["patch"]}, {"url": "https://github.com/erlang/otp/commit/548f1295d86d0803da884db8685cc16d461d0d5a", "tags": ["patch"]}], "workarounds": [{"lang": "en", "value": "* set option parallel_login to false\n * reduce max_sessions option", "supportingMedia": [{"type": "text/html", "value": "<ul><li>set option <tt>parallel_login</tt> to <tt>false</tt></li><li>reduce <tt>max_sessions</tt> option</li></ul>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl.\n\nThis issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.", "supportingMedia": [{"type": "text/html", "value": "Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding.<p> This vulnerability is associated with program files <tt>lib/ssh/src/ssh_sftpd.erl</tt>.</p><p>This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "26.2.5.15"}, {"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "27.3.4.3", "versionStartIncluding": "27.0"}, {"criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "28.0.3", "versionStartIncluding": "28.0"}], "operator": "OR"}], "operator": "AND"}], "providerMetadata": {"orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "shortName": "EEF", "dateUpdated": "2025-09-12T03:19:04.361Z"}}}, "cveMetadata": {"cveId": "CVE-2025-48040", "state": "PUBLISHED", "dateUpdated": "2025-09-12T03:19:04.361Z", "dateReserved": "2025-05-15T08:40:25.455Z", "assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "datePublished": "2025-09-11T08:14:19.671Z", "assignerShortName": "EEF"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl.\n\nThis issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12."}], "id": "CVE-2025-48040", "lastModified": "2025-09-11T17:14:10.147", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "type": "Secondary"}]}, "published": "2025-09-11T09:15:34.400", "references": [{"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "url": "https://github.com/erlang/otp/commit/548f1295d86d0803da884db8685cc16d461d0d5a"}, {"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "url": "https://github.com/erlang/otp/commit/7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a"}, {"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "url": "https://github.com/erlang/otp/pull/10162"}, {"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "url": "https://github.com/erlang/otp/security/advisories/GHSA-h7rg-6rjg-4cph"}, {"source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "url": "https://www.erlang.org/doc/system/versions.html#order-of-versions"}], "sourceIdentifier": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}, {"lang": "en", "value": "CWE-770"}], "source": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "type": "Secondary"}]}

{"bugzilla": {"description": "erlang: Erlang Excessive Resource Consumption", "id": "2394521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394521"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "(CWE-400|CWE-770)", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-48040", "package_state": [{"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Fix deferred", "package_name": "erlang", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Fix deferred", "package_name": "erlang", "product_name": "Red Hat OpenStack Platform 17.1"}, {"cpe": "cpe:/a:redhat:openstack:18.0", "fix_state": "Fix deferred", "package_name": "erlang", "product_name": "Red Hat OpenStack Platform 18.0"}], "public_date": "2025-09-11T08:14:19Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-48040\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-48040\nhttps://github.com/erlang/otp/commit/548f1295d86d0803da884db8685cc16d461d0d5a\nhttps://github.com/erlang/otp/commit/7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a\nhttps://github.com/erlang/otp/pull/10162\nhttps://github.com/erlang/otp/security/advisories/GHSA-h7rg-6rjg-4cph\nhttps://www.erlang.org/doc/system/versions.html#order-of-versions"], "threat_severity": "Moderate"}