Heap Buffer Overflow Vulnerability in HDF5 by The HDF Group
CVE-2025-44905

8.8HIGH

Key Information:

Vendor: The HDF Group
Status: HDF5
Vendor: CVE Published:; 30 May 2025

🔔 Create The HDF Group Vulnerability Alert

What is CVE-2025-44905?

A vulnerability has been identified in HDF5 version 1.14.6, where a heap buffer overflow occurs in the H5Z__filter_scaleoffset function. This flaw could potentially allow attackers to manipulate memory operations, leading to unauthorized access or crashes in applications utilizing the affected HDF5 library. Users of HDF5 should assess their implementation of version 1.14.6 and consider upgrading to mitigate associated risks.

References

https://github.com/madao123123/crash_report/blob/main/hdf...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 30, 2025
Vulnerability Reserved
Apr 22, 2025