{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T12:48:52.728","vulnerabilities":[{"cve":{"id":"CVE-2022-26061","sourceIdentifier":"talos-cna@cisco.com","published":"2022-08-22T19:15:09.487","lastModified":"2024-11-21T06:53:21.970","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en la funcionalidad gif2h5 de HDF5 Group libhdf5 versión 1.10.4. Un archivo GIF especialmente diseñado puede conllevar a una ejecución de código. Un atacante puede proporcionar un archivo malicioso para desencadenar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hdfgroup:hdf5:1.10.4:*:*:*:*:*:*:*","matchCriteriaId":"1C82BB0E-2A5E-4273-8CF6-A3ED216F95F2"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2022-1487","source":"talos-cna@cisco.com","tags":["Exploit","Technical Description","Third Party Advisory"]},{"url":"https://github.com/HDFGroup/hdf5/pull/4785","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2022-1487","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description","Third Party Advisory"]}]}}]}