CVE Daily

CVE-2025-2912

A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problema...

Low CVSS 3.3

Overview

A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5O_msg_flush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

CWE: CWE-119 Published: 2025-03-28T16:15:30.540
Risk analysis

This vulnerability is rated 🟢 LOW.

  • CVSS: 3.3 (LOW)
  • Detected tags: buffer (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags