Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hdf5
(Hdfgroup)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 67 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-03-22 | CVE-2020-10811 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service. | Hdf5 | N/A | ||
| 2020-03-22 | CVE-2020-10810 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service. | Hdf5 | N/A | ||
| 2020-03-22 | CVE-2020-10809 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service. | Hdf5 | N/A | ||
| 2019-02-25 | CVE-2019-9152 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c. | Hdf5 | 8.8 | ||
| 2019-02-25 | CVE-2019-9151 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5VM_memcpyvv in H5VM.c when called from H5D__compact_readvv in H5Dcompact.c. | Hdf5 | 8.8 | ||
| 2019-02-17 | CVE-2019-8398 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_get_size in H5T.c. | Hdf5 | 6.5 | ||
| 2019-02-17 | CVE-2019-8397 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_close_real in H5T.c. | Hdf5 | 6.5 | ||
| 2019-02-17 | CVE-2019-8396 | A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2." | Hdf5 | 6.5 | ||
| 2018-09-24 | CVE-2018-17438 | A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. | Hdf5 | 6.5 | ||
| 2018-09-24 | CVE-2018-17436 | ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. | Hdf5 | 6.5 |