← Voltar para CVEs

CVE-2025-6516

MEDIUM

5.3

Descricao

A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Detalhes CVE

Pontuacao CVSS v3.15.3

SeveridadeMEDIUM

Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Vetor de ataqueLOCAL

ComplexidadeLOW

Privilegios necessariosLOW

Interacao do usuarioNONE

Publicado6/23/2025

Ultima modificacao4/29/2026

Fontenvd

Avistamentos honeypot0

Produtos afetados

hdfgroup:hdf5

Fraquezas (CWE)

CWE-119CWE-122CWE-787

Referencias

https://github.com/HDFGroup/hdf5/issues/5581(cna@vuldb.com)

https://github.com/user-attachments/files/20626851/reproduce.tar.gz(cna@vuldb.com)

https://vuldb.com/?ctiid.313636(cna@vuldb.com)

https://vuldb.com/?id.313636(cna@vuldb.com)

https://vuldb.com/?submit.592589(cna@vuldb.com)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.