← Retour aux CVEs

CVE-2025-6516

MEDIUM

5.3

Description

A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Details CVE

Score CVSS v3.15.3

SeveriteMEDIUM

Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Vecteur d'attaqueLOCAL

ComplexiteLOW

Privileges requisLOW

Interaction utilisateurNONE

Publie6/23/2025

Derniere modification4/29/2026

Sourcenvd

Observations honeypot0

Produits affectes

hdfgroup:hdf5

Faiblesses (CWE)

CWE-119CWE-122CWE-787

References

https://github.com/HDFGroup/hdf5/issues/5581(cna@vuldb.com)

https://github.com/user-attachments/files/20626851/reproduce.tar.gz(cna@vuldb.com)

https://vuldb.com/?ctiid.313636(cna@vuldb.com)

https://vuldb.com/?id.313636(cna@vuldb.com)

https://vuldb.com/?submit.592589(cna@vuldb.com)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.