Base Score

MEDIUM5.7

CVE-2024-32610

HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer.

VectorLOCAL

Published Bycve@mitre.org

Published DateMay 14, 2024, 15:36

Weakness Type (CWE):CWE-416

CVSS Metrics

Base Score

5.7

Vector String

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

HIGH

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

LOW

Availability (A)

HIGH

References

https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/

Base Score

MEDIUM5.7

Weakness Type (CWE):CWE-416

CVSS Metrics

Base Score

5.7

Vector String

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

HIGH

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

LOW

Availability (A)

HIGH