cvedb.io
CVE-2025-2913
LOW · CVSS 3.3
EPSS exploitation probability: 0%
Published 2025-03-28T17:15:30.260 · Last modified 2026-06-17T09:07:50.380

Summary

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FL__blk_gc_list of the file src/H5FL.c. The manipulation of the argument H5FL_blk_head_t leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Affected products

hdfgroup — hdf5

Does this affect you?

Add your gear to cvedb and we'll alert you only when hdfgroup ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.