{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2025-48040", "assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "state": "PUBLISHED", "assignerShortName": "EEF", "dateReserved": "2025-05-15T08:40:25.455Z", "datePublished": "2025-09-11T08:14:19.671Z", "dateUpdated": "2026-06-05T11:58:58.555Z" }, "containers": { "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "modules": [ "ssh_sftp" ], "packageName": "ssh", "packageURL": "pkg:otp/ssh?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp&vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git", "product": "OTP", "programFiles": [ "lib/ssh/src/ssh_sftpd.erl" ], "repo": "https://github.com/erlang/otp", "vendor": "Erlang", "versions": [ { "changes": [ { "at": "5.3.3", "status": "unaffected" }, { "at": "5.2.11.3", "status": "unaffected" }, { "at": "5.1.4.12", "status": "unaffected" } ], "lessThan": "*", "status": "affected", "version": "3.0.1", "versionType": "otp" } ] }, { "collectionURL": "https://github.com", "cpes": [ "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "modules": [ "ssh_sftp" ], "packageName": "erlang/otp", "packageURL": "pkg:github/erlang/otp", "product": "OTP", "programFiles": [ "lib/ssh/src/ssh_sftpd.erl" ], "repo": "https://github.com/erlang/otp", "vendor": "Erlang", "versions": [ { "changes": [ { "at": "28.0.3", "status": "unaffected" }, { "at": "27.3.4.3", "status": "unaffected" }, { "at": "26.2.5.15", "status": "unaffected" } ], "lessThan": "*", "status": "affected", "version": "17.0", "versionType": "otp" }, { "changes": [ { "at": "7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a", "status": "unaffected" }, { "at": "548f1295d86d0803da884db8685cc16d461d0d5a", "status": "unaffected" } ], "lessThan": "*", "status": "affected", "version": "07b8f441ca711f9812fad9e9115bab3c3aa92f79", "versionType": "git" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", "versionEndExcluding": "26.2.5.15", "vulnerable": true }, { "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", "versionEndExcluding": "27.3.4.3", "versionStartIncluding": "27.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", "versionEndExcluding": "28.0.3", "versionStartIncluding": "28.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "credits": [ { "lang": "en", "type": "remediation developer", "value": "Jakub Witczak" }, { "lang": "en", "type": "remediation reviewer", "value": "Ingela Anderton Andin" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding.
This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl.
This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.
" } ], "value": "Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl.\n\nThis issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12." } ], "impacts": [ { "capecId": "CAPEC-130", "descriptions": [ { "lang": "en", "value": "CAPEC-130 Excessive Allocation" } ] }, { "capecId": "CAPEC-125", "descriptions": [ { "lang": "en", "value": "CAPEC-125 Flooding" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "shortName": "EEF", "dateUpdated": "2026-06-05T11:58:58.555Z" }, "references": [ { "tags": [ "vendor-advisory", "related" ], "url": "https://github.com/erlang/otp/security/advisories/GHSA-h7rg-6rjg-4cph" }, { "tags": [ "related" ], "url": "https://cna.erlef.org/cves/CVE-2025-48040.html" }, { "tags": [ "related" ], "url": "https://osv.dev/vulnerability/EEF-CVE-2025-48040" }, { "tags": [ "x_version-scheme" ], "url": "https://www.erlang.org/doc/system/versions.html#order-of-versions" }, { "tags": [ "patch" ], "url": "https://github.com/erlang/otp/pull/10162" }, { "tags": [ "patch" ], "url": "https://github.com/erlang/otp/commit/7cd7abb7e19e16b027eaee6a54e1f6fbbe21181a" }, { "tags": [ "patch" ], "url": "https://github.com/erlang/otp/commit/548f1295d86d0803da884db8685cc16d461d0d5a" } ], "source": { "discovery": "INTERNAL" }, "title": "Malicious Key Exchange Messages may Lead to Excessive Resource Consumption", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "