← Volver a CVEs

CVE-2025-6516

MEDIUM

5.3

Descripcion

A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Detalles CVE

Puntuacion CVSS v3.15.3

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Vector de ataqueLOCAL

ComplejidadLOW

Privilegios requeridosLOW

Interaccion usuarioNONE

Publicado6/23/2025

Ultima modificacion4/29/2026

Fuentenvd

Avistamientos honeypot0

Productos afectados

hdfgroup:hdf5

Debilidades (CWE)

CWE-119CWE-122CWE-787

Referencias

https://github.com/HDFGroup/hdf5/issues/5581(cna@vuldb.com)

https://github.com/user-attachments/files/20626851/reproduce.tar.gz(cna@vuldb.com)

https://vuldb.com/?ctiid.313636(cna@vuldb.com)

https://vuldb.com/?id.313636(cna@vuldb.com)

https://vuldb.com/?submit.592589(cna@vuldb.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.