CVE-2025-5318
CVE Details
Visit the official vulnerability details page for CVE-2025-5318 to learn more.
Initial Publication
06/26/2025
Last Update
10/14/2025
Third Party Dependency
libssh-4
NIST CVE Summary
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
CVE Severity
Our Official Summary
CVE-2025-5318 is an out-of-bounds read vulnerability in the libssh library’s SFTP subsystem. It occurs in the sftp_handle function, where improper bounds checking can allow memory disclosure. An authenticated attacker could exploit this flaw to read sensitive data from the process memory.
This vulnerability affects self hosted palette deployments and if Virtual machine orchestrator components are used. Exploitation will require crafted input that invokes sftp functionality in these components. Containers has built in controls to prevent arbitrary code execution.
Upstream fixes when available will be adopted to fix the vilnerability.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.7.23 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ⚠️ Impacted |
| 4.6.41 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ⚠️ Impacted |
Revision History
| Date | Revision |
|---|---|
| 10/14/2025 | Status changed from Open to Ongoing |
| 10/14/2025 | Official summary added |
| 09/23/2025 | Advisory severity revised to HIGH from MEDIUM |
| 06/27/2025 | Advisory assigned with MEDIUM severity |