CNNVD-202512-4097 Information

CNNVD ID

CNNVD-202512-4097

Related CVE

CVE-2025-14932

• CNNVD Published: 2025-12-23

Description (Chinese)

NSF Unidata NetCDF-C是美国NSF Unidata公司的一个处理NetCDF文件的工具。 NSF Unidata NetCDF-C存在安全漏洞，该漏洞源于解析时间单位时缺乏对用户提供数据长度的验证，可能导致栈缓冲区溢出和远程代码执行。

Description (English)

NSF Unidata NetCDF-C is a tool for the processing of NetCDF documents by the United States company NSF Unidata. There is a security loophole in the NSF Unidata NetCDF-C, which arises from the lack of validation of the data length provided by users when the unit of time is deciphered, which could lead to a spill out of the fence and remote code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

NSF Unidata

Published

2025-12-23

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-1153/