CVE-2025-2153

Low CVSS: 2.3

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

Vendor

Hdfgroup

Product

Hdf5

CWE

CWE-119

Yayın Tarihi

2025-03-10 14:15:26

Güncelleme

2025-03-13 18:17:10

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Hdf5 LOW Hdfgroup 2025

Referanslar

https://github.com/HDFGroup/hdf5/issues/5329 https://github.com/sae-as-me/Crashes/raw/refs/heads/main/hdf5/h5_extended_crash.h5 https://vuldb.com/?ctiid.299064 https://vuldb.com/?id.299064 https://vuldb.com/?submit.510819

Benzer Kayıtlar

High

CVE-2026-26200

HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` file parsed by HDF5 c…

Medium

CVE-2025-7068

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5F…

Medium

CVE-2025-7069

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FS__sect_link…

Medium

CVE-2025-7067

A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FS__sinfo_…

Medium

CVE-2025-6858

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flus…

Medium

CVE-2025-6857

A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the funct…