CVE-2024-33875

Sažetak

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer.

Reference

https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/
https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/

CVSS

Base:	5.7
Impact:	4.2
Exploitability:	1.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	LOW	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

Zadnje važnije ažuriranje

18-04-2025 - 14:35

Objavljeno

14-05-2024 - 15:38