A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/HDFGroup/hdf5/issues/5549 | Exploit Issue Tracking |
https://github.com/user-attachments/files/20438441/hdf5_crash_1.txt | Exploit |
https://vuldb.com/?ctiid.314048 | Permissions Required VDB Entry |
https://vuldb.com/?id.314048 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.601017 | Third Party Advisory VDB Entry |
https://github.com/HDFGroup/hdf5/issues/5549 | Exploit Issue Tracking |
Configurations
History
01 Jul 2025, 17:44
Type | Values Removed | Values Added |
---|---|---|
First Time |
Hdfgroup hdf5
Hdfgroup |
|
CPE | cpe:2.3:a:hdfgroup:hdf5:1.14.6:*:*:*:*:*:*:* | |
References | () https://github.com/HDFGroup/hdf5/issues/5549 - Exploit, Issue Tracking | |
References | () https://github.com/user-attachments/files/20438441/hdf5_crash_1.txt - Exploit | |
References | () https://vuldb.com/?ctiid.314048 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.314048 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.601017 - Third Party Advisory, VDB Entry |
30 Jun 2025, 18:38
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
27 Jun 2025, 14:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/HDFGroup/hdf5/issues/5549 - |
27 Jun 2025, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-27 03:15
Updated : 2025-07-01 17:44
NVD link : CVE-2025-6750
Mitre link : CVE-2025-6750
CVE.ORG link : CVE-2025-6750
JSON object : View
Products Affected
hdfgroup
- hdf5