{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2025-2308","title":"Title"},{"category":"description","text":"A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Z__scaleoffset_decompress_one_byte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2025-2308","url":"https://www.suse.com/security/cve/CVE-2025-2308"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1239687 for CVE-2025-2308","url":"https://bugzilla.suse.com/1239687"}],"title":"SUSE CVE CVE-2025-2308","tracking":{"current_release_date":"2025-12-19T00:52:03Z","generator":{"date":"2025-03-17T14:17:59Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2025-2308","initial_release_date":"2025-03-17T14:17:59Z","revision_history":[{"date":"2025-03-17T14:17:59Z","number":"2","summary":"Current version"},{"date":"2025-05-08T11:49:09Z","number":"3","summary":"Current version"},{"date":"2025-07-15T23:34:45Z","number":"4","summary":"Current version"},{"date":"2025-07-16T23:34:44Z","number":"5","summary":"Current version"},{"date":"2025-12-17T00:52:46Z","number":"6","summary":"description changed"},{"date":"2025-12-19T00:52:03Z","number":"7","summary":"description changed"}],"status":"interim","version":"7"}}}