Medium severity6.5NVD Advisory· Published Dec 11, 2017· Updated May 13, 2026

CVE-2017-17505

Description

In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

Affected products

Hdfgroup/Hdf5
cpe:2.3:a:hdfgroup:hdf5:1.10.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/xiaoqx/pocs/tree/master/hdf5/readme.mdnvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000