{"id":"CVE-2025-2338","summary":"tbeu matio io.c strdup_vprintf heap-based overflow","details":"A vulnerability, which was classified as critical, was found in tbeu matio 1.5.28. Affected is the function strdup_vprintf of the file src/io.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.","modified":"2026-05-15T04:13:10.939157417Z","published":"2025-03-16T12:31:04.547Z","related":["openSUSE-SU-2026:10002-1","openSUSE-SU-2026:20022-1"],"database_specific":{"cna_assigner":"VulDB","cwe_ids":["CWE-119","CWE-122"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/2xxx/CVE-2025-2338.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/2xxx/CVE-2025-2338.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2338"},{"type":"ADVISORY","url":"https://vuldb.com/?id.299802"},{"type":"ADVISORY","url":"https://vuldb.com/?submit.510781"},{"type":"REPORT","url":"https://github.com/tbeu/matio/issues/269"},{"type":"REPORT","url":"https://github.com/tbeu/matio/issues/269#issue-2883920922"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.299802"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}]}