CVE-2025-50343
CRITICAL
9,8
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Description
AI Translation Available
An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct() when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a segmentation fault or heap corruption.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0005
Percentile
0,2th
Updated
EPSS Score Trend (Last 76 Days)
122
Heap-based Buffer Overflow
DraftCommon Consequences
Security Scopes Affected:
Availability
Integrity
Confidentiality
Access Control
Other
Potential Impacts:
Dos: Crash, Exit, Or Restart
Dos: Resource Consumption (Cpu)
Dos: Resource Consumption (Memory)
Execute Unauthorized Code Or Commands
Bypass Protection Mechanism
Modify Memory
Other
Applicable Platforms
Languages:
C, C++, Memory-Unsafe
Application
Matio by Matio Project
CPE Identifier
View Detailed Analysis
cpe:2.3:a:matio_project:matio:1.5.28:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://github.com/tbeu/matio/issues/275
https://github.com/zakkanijia/POC/blob/main/matio/CVE-2025-50343/matio.md
https://github.com/tbeu/matio/issues/275
https://github.com/zakkanijia/POC/blob/main/matio/CVE-2025-50343/matio.md