HDF5 Heap Buffer Overflow Vulnerability in Version 1.14.6

Vulnerability

A heap buffer overflow vulnerability has been identified in HDF5 version 1.14.6. The issue arises in the H5VM_memcpyvv function, where improper memory handling can lead to buffer overflow conditions.

Impact

Exploitation of this vulnerability leads to a heap buffer overflow, which can commonly result in arbitrary code execution or memory corruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

5.8

remediation

0.0

relevance

0.1

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

5.8

remediation

0.0

relevance

0.1

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HDF5 Heap Buffer Overflow Vulnerability in Version 1.14.6

Vulnerability

Impact

Affected Products

HDF5

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating