vulnerability
Debian: CVE-2025-2308: hdf5 -- security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Mar 14, 2025 | May 15, 2025 | May 30, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Mar 14, 2025
Added
May 15, 2025
Modified
May 30, 2025
Description
A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Z__scaleoffset_decompress_one_byte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.
Solution
no-fix-debian-deb-package

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.