← Zuruck zu CVEs

CVE-2025-6516

MEDIUM

5.3

Beschreibung

A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

CVE Details

CVSS v3.1 Bewertung5.3

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

AngriffsvektorLOCAL

KomplexitatLOW

Erforderliche PrivilegienLOW

BenutzerinteraktionNONE

Veroffentlicht6/23/2025

Zuletzt geandert4/29/2026

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

hdfgroup:hdf5

Schwachen (CWE)

CWE-119CWE-122CWE-787

Referenzen

https://github.com/HDFGroup/hdf5/issues/5581(cna@vuldb.com)

https://github.com/user-attachments/files/20626851/reproduce.tar.gz(cna@vuldb.com)

https://vuldb.com/?ctiid.313636(cna@vuldb.com)

https://vuldb.com/?id.313636(cna@vuldb.com)

https://vuldb.com/?submit.592589(cna@vuldb.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.